Policy
Use DNS name resolution when a single-label domain name is used, by appending different registered DNS suffixes, if the AllowSingleLabelDnsDomain setting is not enabled.
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows81, WindowsServer2012R2
This policy setting specifies whether the computers to which this setting is applied attemps DNS name resolution of single-lablel domain names, by appending different registered DNS suffixes, and uses NetBIOS name resolution only if DNS name resolution fails. This policy, including the specified default behavior, is not used if the AllowSingleLabelDnsDomain policy setting is enabled. By default, when no setting is specified for this policy, the behavior is the same as explicitly enabling this policy, unless the AllowSingleLabelDnsDomain policy setting is enabled. If you enable this policy setting, when the AllowSingleLabelDnsDomain policy is not enabled, computers to which this policy is applied, will locate a domain controller hosting an Active Directory domain specified with a single-label name, by appending different registered DNS suffixes to perform DNS name resolution. The single-label name is not used without appending DNS suffixes unless the computer is joined to a domain that has a single-label DNS name in the Active Directory forest. NetBIOS name resolution is performed on the single-label name only, in the event that DNS resolution fails. If you disable this policy setting, when the AllowSingleLabelDnsDomain policy is not enabled, computers to which this policy is applied, will only use NetBIOS name resolution to attempt to locate a domain controller hosting an Active Directory domain specified with a single-label name. The computers will not attempt DNS name resolution in this case, unless the computer is searching for a domain with a single label DNS name to which this computer is joined, in the Active Directory forest.
Registry values
How enabled and disabled states update the registry.
| Registry location | Type | Enabled value | Disabled value |
|---|---|---|---|
| HKLM\Software\Policies\Microsoft\Netlogon\Parameters\AllowDnsSuffixSearch | REG_DWORD | 1 | 0 |
Policy elements
Inputs and configuration options exposed by this policy.
This policy has no additional user input fields.
Other policies in this category
Explore related policies at the same level.
- ComputerBlock NetBIOS-based discovery for domain controller locationWindows10
- ComputerDo not process incoming mailslot messages used for domain controller location based on NetBIOS domain namesAt least Windows Vista
- ComputerDo not use NetBIOS-based discovery for domain controller location when DNS-based discovery failsAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerForce Rediscovery IntervalAt least Windows Vista
- ComputerReturn domain controller address typeAt least Windows Vista
- ComputerSet Priority in the DC Locator DNS SRV recordsAt least Windows Server 2003 operating systems or Windows XP Professional
- ComputerSet TTL in the DC Locator DNS RecordsAt least Windows Server 2003 operating systems or Windows XP Professional
- ComputerSet Weight in the DC Locator DNS SRV recordsAt least Windows Server 2003 operating systems or Windows XP Professional
- ComputerSpecify address lookup behavior for DC locator pingAt least Windows Server 2012, Windows 8 or Windows RT
- ComputerSpecify DC Locator DNS records not registered by the DCsAt least Windows Server 2003 operating systems or Windows XP Professional
- ComputerSpecify dynamic registration of the DC Locator DNS RecordsAt least Windows Server 2003 operating systems or Windows XP Professional
- ComputerSpecify Refresh Interval of the DC Locator DNS recordsAt least Windows Server 2003 operating systems or Windows XP Professional