Nslookup is a command-line tool for DNS name resolution. Resolve-DnsName is the modern version of nslookup. In this blog post I am going to show how to use Resolve-DnsName to query DNS host names and much more.
Standard Query
To perform a standard query simply run the command and specify the host name. Format-Table is not necessary, but helpful.
Resolve-DnsName sid-500.com | Format-Table -AutoSize
Query without Hosts File
Remember: Your host will first query the hosts file and the DNS client cache. If and only if the hosts file and the cache return no result, the DNS server is contacted. To skip the hosts file, run Resolve-DnsName with the -NoHostsFile parameter.
Resolve-DnsName sid-500.com -NoHostsFile
Query in Cache-Only Mode
To demonstrate this, I will clear the DNS client cache and then try to query sid-500.com. This must lead to an error. Bingo!
Clear-DnsClientCache
Resolve-DnsName sid-500.com -CacheOnly
Specify a DNS Server
Resolve-DnsName without any parameter will contact your primary DNS server, which is configured in the settings of your network card. The parameter -Server allows you to specify other DNS servers.
Resolve-DnsName sid-500.com -Server 8.8.8.8 | Format-List
Query for Records
Use the Type parameter to query for specific records.
MX Records (Mail-Server)
Resolve-DnsName cnn.com -Type MX
AAAA Records (IPv6 only)
Resolve-DnsName facebook.com -Type AAAA | Format-List
Wait a minute. Did you notice it? No? Then look at Facebook’s IPv6 address again. 🙄 They have left nothing to chance.
LLMNR Only
To use only Link-Local Multicast Name Resolution (LLMNR), use the LlmnrOnly parameter. LLMNR will only work with computers which share the same local link.
Dc01 and my computer share the same link. It works.
Resolve-DnsName dc01 -LlmnrOnly | Format-Table -AutoSize
Sid-500.com is not on the same link, which leads to an error.
Triple Name Resolution
"sid-500.com","facebook.com","cnn.com" | Resolve-DnsName -Type A | Format-Table -AutoSize
Another option is to use nslookup with ForEach-Object.
"sid-500.com","facebook.com","cnn.com" | ForEach-Object {nslookup $_}
Run Resolve-DnsName by using a file with Host Names
Use Get-Content to retrieve all the names from your file. Here is my text file …
And this is the command for A records (IPv4 Addresses) …
Or all NS Records …
Resolving DNS Names by using the TCP Connection Table
OK, let me explain the following a little more closely. Get-NetTCPConnection gives me all current connections by IP address. Right? OK. So, I listed all those connections and then decided to pick one of them and run Resolve-DnsName on it 😉
Get-NetTCPConnection
This gives me the connection to 40.77.229.45 and the local Port 12518. Well, that’s enough to proceed.
Resolve-DnsName (Get-NetTCPConnection -State Established -LocalPort 12518).RemoteAddress -Type PTR | Select-Object NameHost
Oh, it’s Microsoft 😉
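The same idea extended from one connection to the whole table, as an added example that is not part of the original post: every established connection is paired with its owning process and the PTR name of the remote address. The variable names and the "(no PTR record)" placeholder are my own choices; loopback addresses are skipped and each address is looked up only once.

```powershell
# Added example: reverse-resolve every established TCP connection, not just one.
# Skip loopback traffic, which has nothing useful to resolve.
$connections = Get-NetTCPConnection -State Established |
    Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' }

# Cache results so each remote address is queried only once.
$ptrCache = @{}

$report = foreach ($c in $connections) {
    $ip = $c.RemoteAddress
    if (-not $ptrCache.ContainsKey($ip)) {
        try {
            # -DnsOnly keeps the lookup off LLMNR/NetBIOS;
            # -QuickTimeout shortens the wait when no server answers.
            $ptr = Resolve-DnsName -Name $ip -Type PTR -DnsOnly -QuickTimeout -ErrorAction Stop |
                Where-Object { $_.Type -eq 'PTR' } |
                Select-Object -First 1
        }
        catch {
            # No PTR record, timeout, or an address that cannot be queried.
            $ptr = $null
        }
        $ptrCache[$ip] = if ($ptr) { $ptr.NameHost } else { '(no PTR record)' }
    }

    # The owning process tells you which program opened the connection.
    $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue

    [pscustomobject]@{
        Process       = if ($proc) { $proc.ProcessName } else { "PID $($c.OwningProcess)" }
        LocalPort     = $c.LocalPort
        RemoteAddress = $ip
        RemotePort    = $c.RemotePort
        NameHost      = $ptrCache[$ip]
    }
}

$report | Sort-Object NameHost, RemoteAddress | Format-Table -AutoSize
```

A PTR record is set by whoever controls the reverse zone for that address range, so treat NameHost as a hint about the remote end, not as proof of who owns it.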
Link: https://technet.microsoft.com/de-de/library/jj590781%28v=wps.630%29.aspx?f=255&MSPPError=-2147217396
Related Links
For checking network and domain connectivity see my articles The modern version of ping: Test-Connection and Checking connectivity to Active Directory: Test-ComputerSecureChannel.
Really cool article. I wrote an article on my own blog to show how dangerous it can be to rely on nslookup. Have a look.
https://blog.it-koehler.com/en/Archive/1669
Very good, detailed article about the Resolve-DnsName command. I was looking for a way to export the results, which you did not mention. But I found my answer here: https://www.adexchangeadmin.com/resolve-dnsname-usage-powershell/
Thank you for your kind words.