Windows using the DNS suffix search list on all lookups, even valid FQDNs. How to stop this?
Well, I'm no expert, but here's what I found:
This registry entry works for both Windows XP and Windows Vista
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DNSClient]
"AppendToMultiLabelName"=dword:00000000
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient\AppendToMultiLabelName
Type = DWORD
Data:
- 0 (Do not Append Suffix)
- 1 (Append suffix)
If the registry entry is not present, the default in Windows XP is 1, and 0 in Windows Vista.
Note: This registry changes and its effect apply only to the ping
command, they do not apply to the nslookup
tool. This is because nslookup
contains its own DNS resolver and does not rely on the resolver built into the operating system (DNS Client). The DNS (multi-label) query packets sent by the nslookup
tool will append the domains listed in the suffix search order irrespective of the registry key settings mentioned here.
Reference: http://blogs.technet.com/networking/archive/2009/04/16/dns-client-name-resolution-behavior-in-windows-vista-vs-windows-xp.aspx
Sorry to revive a clearly old question, but it seems no one suggested the obvious answer of forcing a fqdn. Just use a trailing dot to force top level lookup. So in this example lookup www.microsoft.com.
.
I had the same problem because my domain controller was installed as part of a domain and then removed from the domain. For instance domain cloud
as subdomain for mydomain.com
Every DNS related action such as running nslookup
resulted in an address with the suffix .mydomain.com
being appended. For example, performing an nslookup of www.google.com
showed up as www.google.com.mydomain.com
.
To work around this:
- Go to your network card's IP settings and click Advanced
- On the DNS tab select Append these DNS suffixes (in order)
- Add the two suffixes
.
andmydomain.com
as shown here: - Click OK
This takes effect immediately and affects all NICs on the computer. This must be done for all domain computers.
It works as designed. Just append a dot at the end.
so for e.g.:
nslookup www.yahoo.com.
instead of
nslookup www.yahoo.com
then you'll get the result you probably want to see.