DNS search options are sticky and not getting removed even after logging off from SD-Access application.

The unwanted DNS search options are still visible in ipconfig /all output.

VMware SD-Access , SDWAN-Client, Windows

This registry entry is used to specify a list of DNS suffixes that are appended to domain names when the system performs DNS queries. Essentially, it helps the system to resolve unqualified domain names by trying each suffix in the list.

Check in the Windows system Registry key for TCPIP Parameters.

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\SearchList

• Example:

  • If you set SearchList to example.com and example.org, and you try to access server1, DNS resolution will attempt server1.example.com and then server1.example.org.

• Effect on DNS Resolution: Proper configuration of the search list can help resolve internal domain names without needing to specify fully qualified domain names (FQDNs). This is particularly useful in corporate networks where multiple internal domains are in use.

• But at the same time if you have too many entries added to the SearchList then each shortname will be suffixed with the mentioned entries and will be sent for DNS resolution.

Remove any unwanted entries which should not be hardcoded to the Windows system

Modifying the SearchList Value

1. Open the Registry Editor:

   • Press Win + R, type regedit, and press Enter.

2. Navigate to the Key:

   • Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters.

3. Modify the SearchList:

   • Find the SearchList entry. It may be a REG_SZ (string) or REG_MULTI_SZ (multi-string) type.
   • If it's not there, you can create a new REG_MULTI_SZ value named SearchList.

4. Edit the List:

   • Double-click on SearchList to edit it.
   • Add each DNS suffix on a new line.

5. Apply and Restart:

   • After making changes, you’ll need to restart your computer for them to take effect.