Hi Dan, that article says: 2.1. Automatically Detect Note 2: if the Require all users to authenticate Web Proxy setting is configured for the Internal interface of your ISA 2004 server, the request for the configuration script file (wpad.dat or wspad.dat) must be authenticated also. This means that for Internet Explorer an authentication prompt will pop-up. However, the Firewall client does not handle the "401 Authentication Required" response. Therefore, that request will fail. To solve that problem, check out the Microsoft Knowledge Base Article <http://support.microsoft.com/default.aspx?scid=kb;en-us;885683> 885683. If the flag "Require all users to authenticate" is *not* set than no authentication is required for WSAPD. Note that you can set a registry key (http://support.microsoft.com/default.aspx?scid=kb;en-us;885683) to *never* require authentication for the WSPAD, irrespective of the setting of the flag "Require all users to authenticate". HTH, Stefaan _____ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan Sent: woensdag 5 april 2006 20:55 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: wspad.dat I had read that article (even referenced it on this list yesterday, ironically), but was looking for a clarification. That article mentioned that if you have "Require all users to authenticate" enabled, it will force authentication for the wspad.dat query, but doesn't say anything else on the matter. I don't have that option enabled, but do require authentication to get past the Firewall Policies created. So, I am assuming that there really "shouldn't" be any reason why it would be authenticating during that query, but wanted to make sure. _____ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Stefaan Pouseele Sent: Wednesday, April 05, 2006 2:00 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: wspad.dat Hi Dan, check out http://www.isaserver.org/articles/ISA2004_ClientAutoConfig.html. HTH, Stefaan _____ From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Ball, Dan Sent: woensdag 5 april 2006 16:27 To: isalist@xxxxxxxxxxxxx Subject: [isalist] wspad.dat I am right to assume that no authentication is required when the FWC requests the wspad.dat file from the ISA2004 server? Trying to track down some problems, and occasionally requests for the wspad.dat file go unanswered from the ISA server. If it requires no authentication for that file, then I can look at the ISA server closer, but if it does require authentication to get that file I will have to look at both the ISA server and the local DC. -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.385 / Virus Database: 268.3.5/300 - Release Date: 4/3/2006