My desktop is part of the company domain and receives its IP address and DNS search list via DHCP. That's fine, of course. Is there a way that I can append additional entries to the end of the DNS search list that I got via DHCP?

When I bring up the NIC adapter settings for TCP/IP v4, of course it is set to obtain IP address and DNS server address automatically. Opening "Advanced" and clicking on the DNS tab, the DNS search list configuration is greyed out.

Is there a command or script I can run each time I boot to append to the end of the DNS search list that I get via DHCP?

My goal is to avoid having to type out long fully-qualified names for additional domains I frequently access (in our labs) that the company doesn't want to add to the DNS search list that everyone gets via DHCP.

Edit: In Linux, the configuration to do what I am looking for is easy. You configure either the DHCP client or the network interface itself to append or prepend or supersede the search list you get via DHCP. For an example of how to do in Linux what I am trying to do in Windows, see https://superuser.com/a/264032/2505 or http://jurjenbokma.com/ApprenticesNotes/domain_search_override.html

Does the lack of answers mean that this trivial configuration in Linux is not possible in Windows 7?

    People are voting to close this as "not constructive" which I don't understand. I'm not asking, "What is the best practice." I'm asking, "How do you do this very specific configuration in Windows 7?" How is that not constructive, or likely to elicit discussion or debate? – Eddie May 01 '13 at 16:50
  • 1
    The problem is that ServerFault is a Q&A site for professional systems and network administrators. Questions along the lines of "the sysadmin has disabled my access to do XYZ, how do I circumvent this?" are not appropriate here: implicit in such a question is the assumption that the asker is not the sysadmin. – Skyhawk May 03 '13 at 07:16
  • 2
    I'm not trying to circumvent anything. I have full admin rights on this development box, but I am not the network admin for this network. If my question is more appropriate for SuperUser, I'd expect it to get moved there, not closed as "not constructive." – Eddie May 04 '13 at 02:14

5 Answers


I found a way to do this which is probably a workaround and which won't work on a locked-down box where you don't have admin rights. Edit the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\SearchList

Add to the end of that key any domains you want to add to your search list -- although this key may entirely replace your search list. This list should be comma-separated with no whitespace.

After making the change, you have to renew your DHCP lease as a way of getting the DHCP client to run so you can apply the change:

ipconfig /registerdns

Once you have done this, you'll have the new entries in your DNS search list.

  • While this worked for me, it only worked for a day. Today the value has been reset, probably by some sort of corporate group policy enforcement. Anyone know how to make this change stick? – KC Baltz Nov 04 '14 at 22:20

While I'm not sure how Group Policy will interact with this, you can manually edit the registry value HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SearchList to contain a comma separated (no spaces!) list of domain name suffixes that get appended to your DNS.

    Your answer lead me via Google to something that seems to work. I edited the registry key `HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\SearchList`, then I did `ipconfig /registerdns`, and after that point I saw the new search list entry. – Eddie May 01 '13 at 21:45

You can't append to the list provided by DHCP as far as I know.

Instead of setting your DNS to automatic, set it to manual and put in your primary DNS servers. Then you can input as many DNS servers as you want.

You'll probably want to change your suffix behaviour so it looks up the other domains too - this bit is probably more important in terms of helping you avoid typing FQDNs and instead just type hostnames.

Personally, the way I do this, is have my DNS servers setup with forwarders, i.e. they forward requests to other domains to get the answers and I simply put my suffix list in there, but my PC only queries my domain's DNS servers. I don't have to type FQDNs.

enter image description here

    It's true that I could have worked around this apparent missing feature of Windows by manually applying my DNS, including the search list. Except oddly, even doing that the search list configuration is greyed out. I can change anything else in there except that, via the UI you show above. – Eddie May 04 '13 at 02:11

What are you trying to accomplish with the additional DNS? Are you trying to get to another resource? The answer is likely no, as workarounds like adding an entry to a host file, or creating a static route will be disabled if you are a standard user.

  • The goal is that I don't have to type the fully-qualified name for certain lab domains. – Eddie May 01 '13 at 16:34
  • Quickest way, would be to see if you can get local admin access to your machine and edit your host file, since i doubt the admins would make a domain wide DNS change for lab machine access. – DanBig May 01 '13 at 16:46
  • So there is no command-line utility or WSH way to append to the DNS search list? – Eddie May 01 '13 at 16:51
  • Do you have local admin permissions? If so, add entries to your hosts file. http://www.accs-net.com/hosts/how_to_use_hosts.html – DanBig May 01 '13 at 16:54
  • 1
    I have the ability to edit my hosts file. But if I go that route, I have to edit this file regularly as servers are added and removed from the lab domain. If I can add a DNS search list entry, I only have to do that one time and it works forever, for every lab server ever added to that domain. – Eddie May 01 '13 at 17:05
  • If this lab domain is on a different subnet, and isn't being seen by your domain controller, then you are going to be out of luck, and have to use manual host file entry. – DanBig May 01 '13 at 17:14

I stuck with this problem as I wanted to add some URLs in DNS box but it was not letting me do anything and the whole block was greyed out.

Also, did not get any further help from Googling. Ultimately tried some combination of guesses and fortunately one of them worked for me and it made the DNS block editable.

Here are the steps:

  1. Open Registry Editor by following below path:


  2. Clear out the registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient\SearchList

  3. Register the DNS changes by opening CMD.EXE with Admin access:

    ipconfig /registerdns

Now check you DNS block under Advanced TCP/IP configuration, it should be editable now.

