When working with Windows based clients you usually don’t come across DHCP option 119 because Windows just doesn’t use it. The Domain Search List for Windows is configured using GPO and not DHCP. But if you also use Apple OS or Linux OS based systems you may want to use this option even if you operate a Windows DHCP Server. If so, you will notice that, by design, Windows DHCP servers do not know anything about an option #119. You’ll have to configure that first.
If you finally have option 119 available for configuration you’ll see that you can’t easily configure it using the gui, because it wants you to submit hex values instead of domain names:
Details on the format and how it exactly works can be found at https://tools.ietf.org/html/rfc3397.
If you don’t want to figure it out on your own, you can use a simple Powershell script which asks for a domain search list and a DHCP Scope Id to be configured:
DHCP Console before running the script:
DHCP Console after running the script:
It would appear that since Windows 10 build 1803 the Windows client does now respect DHCP option 119 and does use it. I’m struggling to find this in any official Microsoft changelog but my testing so far does show the default Windows behaviour has changed.
Jon.ET,
Have you been able to confirm that information?
Confirmed. Today I used that PS script on a Windows 10 1809 build 17763.134 and it worked! Thanks!
I have not been able to get your script to enter the data in Windows 2012/2016 servers.
Set-DhcpServerv4OptionValue command errors without updating DHCP.
I modified your output with the following syntax that seems to work to populate DHCP (WinServer2012/2016 verified):
Write-Output ” ”
Write-Output ” ”
Write-Output “Execute the following lines in an Administrator cmd prompt.”
Write-Output ” ”
Write-Output ” ”
Write-Output “To create OptionID 119 in DHCP (only need to do once):”
Write-Host -NoNewline -ForegroundColor red “netsh dhcp server add optiondef 119 `”Domain Search List`” dword 1 comment=`”DNS search path`””
Write-Output ” ”
Write-Output ” ”
Write-Output “To add your DNS search path to OptionID 119:”
Write-Host -NoNewline -ForegroundColor Green “netsh dhcp server scope $scopeToConfigure set optionvalue 119 dword 0 “$domainSearchListHexArray
Write-Output ” ”
Write-Output ” ”
Write-Output ” ”
Write-Output “To verify your DNS search path in OptionID 119:”
Write-Host -ForegroundColor Green “netsh dhcp server scope $scopeToConfigure show optionvalue “
Corrections to comments above.
1. I was incorrectly using dword not byte in the creation of the option 119 in DHCP.
To correctly add the option in DHCP w/o the gui:
netsh dhcp server add optiondef 119 “Domain Search List” byte 1 comment=”DNS search path”
2. Your script worked as a expected when ran as administrator.
On Windows Server 2012R2 DHCP server
Added option 119 parameter,
Windows 10 1903 clients provide DNS search domain list
I confirmed that automatic distribution was possible.
Thank you for information.
Not working on my 1809 boxes. However, it works fine on my 1909 machines – so logically it should work on 1903 as well.
And stop putting this into your servers as a byte array: it’s hard to visualise and hard to work with – specify it as binary instead.
Further, note the RFC 3397 requirements for “searchstring compression” – while it works fine (at least on the Windows machines I’ve tested it against), it’s not RFC-compliant.
When I use it together with option 05 the client eat the first letter of the dns search list. Very weird stuff.
Where can we find the script mentioned in this article? I feel silly not being able to find it.
It is right there in the middle of the post. If you deactivated javascript you may not see it – if so you can find it at https://gist.github.com/norman-bauer/52e28559d8d4420169784bce70873122
older versions of windows used option 135
I was trying to run this script on Server 2019
John Grawl’s comment was spot on
I first needed to run from admin command prompt: netsh dhcp server add optiondef 119 “Domain Search List” byte 1 comment=”DNS search path”
Then script worked for me