Windows Domain Client Fails to Resolve Internal Hostnames Despite Functional nslookup: DNS Resolution Troubleshooting Guide


3 views

I recently encountered a perplexing issue where a Windows 7 domain client could resolve external DNS names perfectly but failed to resolve internal hostnames through normal methods. The twist? nslookup worked flawlessly for the same internal queries.

  • Successful external DNS resolution (e.g., www.google.com)
  • Internal IP connectivity working normally
  • Domain controller accessible by both hostname and IP
  • Internal hostname resolution failing for all applications except nslookup
  • Correct DHCP configuration with proper DNS servers and domain suffix

The network connection interface displayed an old VLAN name instead of the expected domain information. This visual clue suggested potential registry corruption or network profile issues.

Here's what I tried before identifying the root cause:

ipconfig /flushdns
netsh stop dnscache
netsh winsock reset catalog
netsh int ip reset
sfc /scannow

Wireshark revealed the smoking gun: normal DNS queries for internal names weren't even being attempted, while external queries worked normally. This pointed to a name resolution policy issue rather than a pure DNS problem.

The issue stemmed from incorrect Name Resolution Policy Table (NRPT) settings. Here's how to check and fix it:

# Check current NRPT rules
Get-DnsClientNrptPolicy | Format-Table -AutoSize

# Clear problematic NRPT rules (PowerShell)
Remove-DnsClientNrptRule -Name "CorruptedRule" -Force

# Alternative method via registry
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters" /v "DnsPolicyConfig" /f
  1. Reset network components completely: 
    netsh int ip reset reset.log
netsh winsock reset
  2. Remove and reinstall network adapters in Device Manager
  3. Rejoin the domain after ensuring basic connectivity

To avoid recurrence, implement these Group Policy settings:

# Sample PowerShell to enforce DNS settings
Set-DnsClient -InterfaceIndex (Get-NetAdapter | Where Status -eq "Up").ifIndex 
    -ConnectionSpecificSuffix "domain.local" 
    -RegisterThisConnectionsAddress $true 
    -UseSuffixWhenRegistering $true

Regularly monitor DNS health with:

Test-DnsServer -IPAddress (your_DNS_server_IP) -Context DnsServer

I recently encountered a perplexing issue with a Windows 7 machine on our corporate domain where standard DNS resolution failed for internal hosts while nslookup worked perfectly. Here's a deep dive into the problem and solution.

The machine exhibited these specific behaviors:

  • External DNS resolution worked (ping www.google.com succeeded)
  • Internal IP communication functioned (ping 192.168.1.100 worked)
  • Direct DC communication succeeded (ping dc01 and ping dc01.domain.local worked)
  • Standard internal name resolution failed (ping server01 failed)

The machine received correct DHCP settings:

PS C:\> ipconfig /all
Ethernet adapter Local Area Connection:
   Connection-specific DNS Suffix  : domain.local
   DNS Servers . . . . . . . . . . : 192.168.1.10
                                     192.168.1.11

Wireshark revealed the root cause - the DNS client wasn't even attempting queries for internal names:

nslookup server01.domain.local  # Shows DNS request/response
ping server01.domain.local      # Shows zero DNS traffic

The network connection showed an old VLAN name instead of the domain name, indicating possible registry corruption. This PowerShell command confirmed the issue:

Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" -Name "Domain"
# Returned blank when it should show "domain.local"

After trying various fixes, this sequence resolved the issue:

  1. Reset network components: 
    netsh winsock reset
netsh int ip reset
ipconfig /flushdns
  2. Force DNS registration: 
    ipconfig /registerdns
Restart-Service dnscache
  3. Manually set the DNS suffix in registry: 
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" -Name "Domain" -Value "domain.local"
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\services\Tcpip\Parameters" -Name "SearchList" -Value "domain.local"

After rebooting, verify with:

Test-NetConnection -ComputerName server01 -InformationLevel Detailed
Get-DnsClientGlobalSetting | Select-Object SuffixSearchList

The machine should now properly resolve internal names through all standard Windows APIs, not just nslookup.