Delete and Add Entries to DNS Suffixes

3

1

Via a command line argument or PowerShell I want to manipulate the following list:

enter image description here

If you're wondering why, it's because a very specific VPN sets this to the client's domain when you connect, but never removes it. It breaks all my local access and it always replaces ALL entries within the list, it doesn't just add to it.

I've tried registry settings that I've discovered, like adding to the searchlist in HKLM\System\currentcontrolset\services\tcpip\parameters

I've tried flushing my dns, resetting the network adapter.

I've tried looking for other registry keys, editing adapter specific dns suffixes.

None of that appears to have an actual impact on this list, and yet, somehow that VPN client is ruining my network connections each time I use it.

The existing questions here on SU don't address this. Everything addresses the previously mentioned points, but not the values within this actual box. I've tried every variation with ZERO impact so far.

MattyMatt

Posted 2019-12-04T19:10:44.360

Reputation: 152

Answers

3

Important: Run these methods from an administrator elevated environment/shell/command prompt.

  1. Simply run Set-DnsClientGlobalSetting -SuffixSearchList @("") to remove all DNS suffixes entirely.

  2. With some PowerShell logic you can...

    • set the DNS name(s) to be excluded from the configuration list
    • run conditional logic in a loop and use a -notin comparison operator to set and append an [array] variable using the += assignment operator to build a list omiting the excluded DNS name
    • finally use the new list variable as the argument value to pass in with the Set-DnsClientGlobalSetting -SuffixSearchList @($nList); command

PowerShell Script

$ExcldDomain = "myDomain.com";                      ## Set excluded domain(s)
$s = (Get-DnsClientGlobalSetting).SuffixSearchList; ## Get current suffixes

$nList = @();
$s | % {If($_ -notin $ExcldDomain){[array]$nList += [array]$_}};

Stop-Service -Name "SONICWALL_NetExtender" -Force;
Set-DnsClientGlobalSetting -SuffixSearchList @($nList);

Supporting Resources

  • Get-DnsClientGlobalSetting

  • Set-DnsClientGlobalSetting

    -SuffixSearchList

    Specifies a list of global suffixes that can be used in the specified order by the DNS client for resolving the IP address of the computer name. These suffixes are appended in the specified order to resolve the computer name that is specified. This parameter value cannot be set if the suffix search list setting is already deployed through Group Policy.

  • About Comparison Operators

  • About Assignment Operators

    += Increases the value of a variable by the specified value, or appends the specified value to the existing value.

Pimp Juice IT

Posted 2019-12-04T19:10:44.360

Reputation: 29 425

@MattyMatt Go into services.msc and right click and stop a service named SonicWALL Netextender Service or something along those lines. Take note of the value of the Service Name once you double click the service and tell me what that is if this works.... but stop that service, run the PowerShell script elevated as per my answer, and then see if that removes it. If so, it may add it back upon connection but if you confirm this fixes it, tell me the service name, I will then update my answer with an edit to give you a way to do this with that logic rather than manually. Let me know. – Pimp Juice IT – 2019-12-05T23:18:41.403

Asked: 2019-12-04T19:10:44.360

Viewed: 103 times

Active: 2019-12-06T21:04:25.750