How to Query SRV and Non-A Records Using nslookup in Non-Interactive Mode


1 views

When working with DNS records, you often need to query types other than A records (like SRV, MX, or TXT). The default nslookup behavior only queries A records unless you enter interactive mode and use set type=. Here's how to bypass interactive mode for cleaner scripting.

On Windows, use the following syntax:

nslookup -querytype=SRV _ldap._tcp.mydomain.com

Or the shorter version:

nslookup -qt=SRV _ldap._tcp.mydomain.com

For Linux systems (including CentOS), use dig instead for better non-interactive support:

dig SRV _ldap._tcp.mydomain.com

If you must use nslookup, the syntax is similar to Windows:

nslookup -querytype=SRV _ldap._tcp.mydomain.com

Querying common non-A records:

# MX records
nslookup -qt=MX example.com

# TXT records (for SPF/DKIM)
nslookup -qt=TXT example.com

# CNAME records
nslookup -qt=CNAME www.example.com

For more advanced DNS queries, consider these alternatives:

  • dig (Linux/Unix) - More powerful output formatting
  • host (Linux/Unix) - Simpler syntax for basic queries
  • PowerShell's Resolve-DnsName (Windows) - Better object-oriented output

When using these commands in scripts:

# Bash example parsing SRV records
result=$(dig +short SRV _ldap._tcp.mydomain.com)
while read -r line; do
    echo "Record: $line"
done <<< "$result"

For Windows batch scripts:

@echo off
for /f "tokens=*" %%a in ('nslookup -qt=SRV _ldap._tcp.mydomain.com ^| find "svr hostname"') do (
    echo Record found: %%a
)

When working with DNS records beyond simple A records, many sysadmins encounter frustration with nslookup's default behavior. The tool automatically queries A records unless specifically instructed otherwise, requiring interactive mode for other record types. This becomes particularly problematic when scripting or automating DNS checks.

Fortunately, there are ways to query SRV (or other non-A records) without entering interactive mode. Here are the most effective methods for both Windows and Linux systems:

# Windows syntax:
nslookup -querytype=SRV _ldap._tcp.mydomain.com

# Linux syntax:
nslookup -type=SRV _ldap._tcp.mydomain.com

Let's look at some real-world examples for common DNS record types:

# Query MX records for email routing:
nslookup -type=MX example.com

# Check TXT records for SPF/DKIM:
nslookup -type=TXT example.com

# Verify CNAME records:
nslookup -type=CNAME www.example.com

# Get SOA information:
nslookup -type=SOA example.com

While nslookup works, these alternatives often provide cleaner output:

# Using dig (Linux preferred):
dig SRV _ldap._tcp.mydomain.com

# Using host command:
host -t SRV _ldap._tcp.mydomain.com

For automation scenarios, you can chain multiple queries in a single command:

# Windows batch file example:
@echo off
nslookup -type=SRV _ldap._tcp.mydomain.com
nslookup -type=MX mydomain.com
nslookup -type=TXT mydomain.com

# Linux bash script example:
#!/bin/bash
nslookup -type=SRV _ldap._tcp.mydomain.com
nslookup -type=MX mydomain.com
nslookup -type=TXT mydomain.com

Be aware of these potential issues:

  • Case sensitivity in domain names (though DNS itself is case-insensitive)
  • Timeout issues with slow DNS servers (use -timeout option where available)
  • Different syntax between Windows and Linux versions