Jamf Nation Community

I've got a script for setting up DNS search domains on Ethernet interfaces available from here:

https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/set_dns_search_domains_on_...

It could likely be adapted to also provide DNS server settings.

I use the following script, then apply the script via policy.

sudo networksetup -setsearchdomains "Ethernet" "xxxxx.net" "xxxxx.com" "xxxxx.edu"
delay 5
sudo networksetup -setsearchdomains "Wi-Fi" "xxxxx.net" "xxxxx.com" "xxxxx.edu"

Agreed on the previous replies. Be aware that you need to identify the NIC # if the machine has multiples (aka. "Ethernet 1" or "Ethernet 2")

@rtrouton Thanks for that script! You just saved me the trouble of writing it. I tweaked it slightly to include Wi-Fi, other than that it fits our need perfectly.

I used this script today and I see it's working for ethernet interface but not for Wi-Fi. Is that how it's supposed to work? I guess I could see an issue with Wi-Fi if it pulls from different wi-fi organizations (work, home. restaurant, etc) and no Locations were set except the default. Just want to check and make sure.

@jonathanla I made this tweak to Rich's script so that it works on Wi-Fi as well as a few different network interface names that are in use by our client machines. You would need to change line 31 of the script to something like this:

ethernet_interface=($(networksetup -listallnetworkservices | awk '/Ethernet/ || /Corp/ || /Wi-Fi/ || /CORP/'))

The script is just for Ethernet, although you could change it to WiFi if needed by changing the awk '/Ethernet/' on line 31.

Thanks everyone. I modified it and it's running.

This helped me a TON! Thanks as always @rtrouton ...@stevehahn your tweak was very helpful as well!

Hey @rtrouton ... your script looks similar to mine!

https://github.com/franton/Set-DNS-info

You can specify the network service name with my script, so all ethernet or all vpn services ...

Thanks for these. Very helpful, but I didn't understand if there's a place in this script, or the others posted from JAMF (id=14892 and id=801). Once these search paths are entered, are they hardware based, or also location based? Meaning the Wi-Fi Search path in the office is different when at home or traveling and I don't want those search paths on those locations, but only Wi-Fi at our work location.

Any clarification would be appreciated.

In our company, we decided to go with DHCP option 119 : this way, when a Mac connects to the LAN, you get immediately the list of search suffixes that are valid/useful for the office where you are currently physically located.

So when people travel and connect to our LAN in another country for example, they immediately get the correct local list of suffixes for that country. This solution works well for Macs, as well as for iOS devices, and works obviously even if the devices are not enrolled. It requires the network team to maintain a different list for every "DHCP subnet group", but once done you are good.

Sure, you cannot do much when people are at home, but at home you probably do not need these search suffixes (if you do, then use FQDNs :-). )

I have found that sending the command with more than 3 search domains creates search domans with quotes around them "xxx" on each domain after the 3rd. How would one prevent this?

Example:
sudo networksetup -setsearchdomains "Ethernet" "xxxxx.net" "xxxxx.com" "xxxxx.edu" "xxxxx.edu" "xxxxx.edu"

Creates:
xxxxx.net xxxxx.com xxxxx.edu "xxxxx.edu"

FIXED: (duh)
networksetup -setsearchdomains Ethernet xxx.edu xxx.edu xxxx.edu x.edu xxx.com xxx.edu