Windows using the DNS suffix search list on all lookups, even valid FQDNs. How to stop this?

Well, I'm no expert, but here's what I found:

This registry entry works for both Windows XP and Windows Vista

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DNSClient]
"AppendToMultiLabelName"=dword:00000000

HKLM\Software\Policies\Microsoft\Windows NT\DNSClient\AppendToMultiLabelName
Type = DWORD

Data:

  • 0 (Do not Append Suffix)
  • 1 (Append suffix)

If the registry entry is not present, the default in Windows XP is 1, and 0 in Windows Vista.

Note: This registry changes and its effect apply only to the ping command, they do not apply to the nslookup tool. This is because nslookup contains its own DNS resolver and does not rely on the resolver built into the operating system (DNS Client). The DNS (multi-label) query packets sent by the nslookup tool will append the domains listed in the suffix search order irrespective of the registry key settings mentioned here.

Reference: http://blogs.technet.com/networking/archive/2009/04/16/dns-client-name-resolution-behavior-in-windows-vista-vs-windows-xp.aspx


Sorry to revive a clearly old question, but it seems no one suggested the obvious answer of forcing a fqdn. Just use a trailing dot to force top level lookup. So in this example lookup www.microsoft.com..


I had the same problem because my domain controller was installed as part of a domain and then removed from the domain. For instance domain cloud as subdomain for mydomain.com

Every DNS related action such as running nslookup resulted in an address with the suffix .mydomain.com being appended. For example, performing an nslookup of www.google.com showed up as www.google.com.mydomain.com.

To work around this:

  1. Go to your network card's IP settings and click Advanced
  2. On the DNS tab select Append these DNS suffixes (in order)
  3. Add the two suffixes . and mydomain.com as shown here: enter image description here
  4. Click OK

This takes effect immediately and affects all NICs on the computer. This must be done for all domain computers.


It works as designed. Just append a dot at the end.

so for e.g.:

nslookup www.yahoo.com. 

instead of

nslookup www.yahoo.com

then you'll get the result you probably want to see.