DNS suffix search list GPO not overriding Default Domain Policy


  • Hi All,

    In the last hours I have been fighting with this issue

    In our domain we have a configuration to set DNS suffix for the search in the Default Domain Policy, I have been trying to override this setting for a few specific clients for testing purposes. Although the default domain policy is not enforced the OU specific policy is not overriding the settings, the specific policy only has as setting

    Computer Configuration\Policies\Administrative Templates\Network\DNS Client

    DNS Suffix search list - Disabled

    I also tried to move the client to a specific OU that has inheritance disabled and only that policy but running a gpresult /h I see that winning policy is Default Domain Policy, weird since that policy is not even applied being the inheritance blocked

    Also, the options in the Advance TCP/IP setting, DNS tab are greyed out and I can see selected "Append these DNS suffixes" and a list of suffixes

    The final outcome I would like to achieve is:

    - no dns suffix for the search

    - Append primary and connection specific DNS suffixes - enabled

    Any suggestion?


    Wednesday, May 6, 2015 2:48 AM


All replies