I used to think that it was not possible to set IP address information via Group Policy however I did some checking this week and was pleased to find that there was a way to configure your computers DNS Server addresses. Unfortunately this setting only applies to Windows XP, however lots of people still use XP so it is still somewhat relevant. This setting is simple called “DNS Servers†and can be found under Computer Configuration > Administrative Template > Network > DNS Client.
Figure 1.
To configure this setting simple check Enabled and type each IP address of the DNS Servers with a space between them.
While DNS Server settings are normally configured via DHCP this option can be really handy when you have two separate Active Directory forests on the same LAN. This is common where two companies have physically merged but still run separate AD’s forests connected to the same network. Now for name resolution you can setup DNS forwarders from forest A to forest B however this does not work for dynamic DNS registrations of the computer names.
Note: When this setting is applied its a little bit tricky to confirm that it has actually applied as both the network properties (see figure 2.) and even and ipconfig /all will show the manually configured IP DNS setting (see figure 3.). However if you do a NSLOOKUP (also see figure 3.) you will notice that the DNS server that it uses is the DNS Server that is configured in the Group Policy or alternatively you can just rely upon an rsop.msc report.
Figure 2.
Figure 3.
Blog Post: Group Policy Setting of the Week 22 – DNS Servers http://bit.ly/9aiGW6
Group Policy Setting of the Week 22 – DNS Servers http://bit.ly/9aiGW6
RT @grouppolicy_biz: Blog Post: Group Policy Setting of the Week 22 – DNS Servers http://bit.ly/9aiGW6
You said “Unfortunately this setting only applies to Windows XP”. I tested that and it’s like that. But, why doesn’t it work on Windows 7? What can we do when we have mixed Xp and 7?
if you have windows 7 there is another method to change dns servers
first you should add the users in the restricted groups and be members of network operators group
then you creat a login script ( .bat ) containing the following lines
Netsh int ip add dns “Local Area Connection” 10.1.222.3
Netsh int ip add dns “Local Area Connection” 198.153.194.50 index=2
where 10.1.222.3 is the prefered dns server or the domain server ip
and 198.153.194.50 is the alternate dns server
Local Area Connection can be changed to wireless or whatever connection adapter is used ” case senstive “
You solution will technically work… but I would definitely be using DHCP as the primary preferred option to set up DNS addresses.