Windows 2012R2: How to disable "Use root hints if no forwarders are available" using a PowerShell command

domain-name-system powershell windows

I'm setting up an automatic infrastructure orchestration of Windows 2012R2 machines using Ansible. I am creating domain controllers and DNS machines (resolvers, root servers and authoritative name servers). This infrastructure is not connected to the Internet.

I am providing specific forwarders in the domain controllers (to the resolvers). I am also actively removing all default root hints from the domain controllers' DNS (I don't want root hints here, these are for the resolvers). I have not removed the cache.dns file (yet). How can I disable the option to use the root hints if no forwarders are available using a PowerShell command?

I have searched for any cmdlet on Microsoft's site, but have not found anything of use. This may perhaps also be some registry hack to be performed, but I don't know where to look.

Best Answer

You could try the Set-DnsServerForwarder cmdlet, with the -UseRootHint $false parameter:

Set-DnsServerForwarder -UseRootHint $false

-UseRootHint <Boolean>

Prevents the DNS server from performing iterative queries. If you set UseRootHint to $false, the DNS server forwards unresolved queries only to the DNS servers in the forwarders list and does not try iterative queries if the forwarders do not resolve the queries.

https://technet.microsoft.com/en-us/itpro/powershell/windows/dnsserver/set-dnsserverforwarder
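
An idempotent way to apply and verify the setting from an orchestration run, as an added example that is not part of the original answer. The function name Set-ForwardOnlyDns and the forwarder addresses are assumptions made for illustration; it uses only the DnsServer module cmdlets Get-DnsServerForwarder, Set-DnsServerForwarder and Get-DnsServerRootHint.

```powershell
#Requires -Modules DnsServer

# Hypothetical helper (not a built-in cmdlet): makes the local DNS server
# forward-only and returns the resulting state so a caller can detect drift.
function Set-ForwardOnlyDns {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)]
        [System.Net.IPAddress[]]$Forwarder
    )

    $current = Get-DnsServerForwarder
    $have    = @($current.IPAddress) -join ','
    $want    = @($Forwarder) -join ','
    $changed = $false

    # Replace the forwarder list only when it differs (list order is query order).
    if ($have -ne $want) {
        if ($PSCmdlet.ShouldProcess('DNS server', "set forwarders to $want")) {
            Set-DnsServerForwarder -IPAddress $Forwarder
            $changed = $true
        }
    }

    # Turn off the fallback to iterative queries via root hints.
    if ($current.UseRootHint) {
        if ($PSCmdlet.ShouldProcess('DNS server', 'disable root-hint fallback')) {
            Set-DnsServerForwarder -UseRootHint $false
            $changed = $true
        }
    }

    # Re-read the live configuration instead of trusting the calls above.
    $after = Get-DnsServerForwarder
    if ($changed -and $after.UseRootHint) {
        throw 'UseRootHint is still enabled after Set-DnsServerForwarder.'
    }

    [pscustomobject]@{
        Changed       = $changed
        UseRootHint   = $after.UseRootHint
        Forwarders    = @($after.IPAddress) -join ','
        RootHintCount = @(Get-DnsServerRootHint -ErrorAction SilentlyContinue).Count
    }
}

# Constructed sample addresses (TEST-NET-1); substitute the internal resolvers.
Set-ForwardOnlyDns -Forwarder '192.0.2.10', '192.0.2.11'
```

The Changed field lets the calling task report whether anything was modified, and RootHintCount shows whether root hints are still configured on the server.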