- SystoLOCK in review: Logging in to Active Directory with multi-factor authentication without passwords - Tue, Dec 5 2023
- New Group Policy settings in Windows 11 23H2 - Mon, Nov 20 2023
- Windows Server 2025 will support SMB over QUIC in all editions - Fri, Nov 17 2023
nslookup is essentially a DNS client that can be used to check the name resolution. For a simple query of a hostname, you can pass the hostname as a parameter:
Interactive mode of nslookup
For operations that require multiple commands, the utility is usually used in interactive mode. To do so, you invoke it without arguments and then land on a prompt. By typing Help, you can display all available commands.
If you simply type the name of a host here, nslookup returns the A or AAAA entry of the host. Via commands such as
you can also query other records, such as CNAME, MX, NS, or PTR.
In dual-stack environments where IPv6 is not properly maintained and where the clients do not have a correct DNS server configured for IPv6, the Windows implementation of nslookup always fails. In this case, it does not make another attempt via IPv4.
PowerShell has its own cmdlet that can perform the tasks of nslookup. Unlike the traditional utility, it does not provide an interactive mode; rather, you supply Resolve-DnsName all the necessary information as parameters.
Another difference is that the cmdlet does not fail over an invalid IPv6 configuration, but rather follows up with a query over IPv4.
In the simplest case, you invoke the cmdlet with the desired hostname as a parameter:
If you want to direct the query to a specific DNS server, then specify it using the Server parameter:
Resolve-DnsName dc.contoso.com -Server 192.168.0.1
As an alternative to the IP address, you can also use the host name of the DNS server.
If you want to narrow down a name resolution problem to DNS and prevent it from being done via NetBIOS in the event of failure, then add the DnsOnly switch:
Resolve-DnsName -Name dc.contoso.com -DnsOnly
A hosts file can also interfere with investigating DNS problems. It can be ignored with the NoHostsFile switch:
Resolve-DnsName -Name dc.contoso.com -NoHostsFile
Conversely, you can use NetbiosFallback or LlmnrFallback to ensure that NetBIOS or Link Local Multicast Name Resolution (LLMNR) are applied if DNS resolution fails.
Finally, it is even possible to examine only name resolution based on these legacy protocols by using the LlmnrOnly or LlmnrNetbiosOnly parameters. The CacheOnly switch also provides an interesting option if a DNS server is currently unreachable or the cache contains outdated entries.
Like nslookup, Resolve-DnsName retrieves the A or AAAA record for the host by default. You can also use the Type parameter to query other DNS entries.
The long-standing nslookup still serves its purpose, and not only for the simple resolution of a hostname passed to it as a parameter. It also provides an interactive mode where you can issue multiple commands that don't need to be preceded by nslookup each time.
Subscribe to 4sysops newsletter!
PowerShell offers more options with Resolve-DnsName, which can also examine older Microsoft protocols for name resolution. It can also specifically hide the hosts file or use only the cache.