/
  • Last updated
/
  • 4 min read

How to Enable or Disable Discovery of Network-designated Resolvers (DNR) in Windows 11

by Raine Grey, Technical Writer
How to Enable or Disable Discovery of Network-designated Resolvers (DNR) in Windows 11 blog banner image

Instant Summary

Summarize Blog

This NinjaOne blog post offers a comprehensive basic CMD commands list and deep dive into Windows commands with over 70 essential cmd commands for both beginners and advanced users. It explains practical command prompt commands for file management, directory navigation, network troubleshooting, disk operations, and automation with real examples to improve productivity. Whether you’re learning foundational cmd commands or mastering advanced Windows CLI tools, this guide helps you use the Command Prompt more effectively.

Free Trial

Discovery of Network-designed Resolvers (DNR), as their names suggest, allows users to automatically discover encrypted DNS servers. This IETF standard eliminates the need to manually find out the IP address of a desired encrypted DNS server and configure it.

In this guide, we’ll explain how to enable or disable DNR in Windows using various methods, including the Registry Editor and Command Prompt. We’ll also include tips for enterprise deployment and key considerations.

💡 Important: DNR is supported starting with Windows 11 build 25982 (Canary) and is currently limited to Windows Insider Preview builds, as the feature is still being standardized and general availability has not yet been confirmed.

📌 Recommended deployment strategies:

Choose a Method

 💻

Best for Individual Users

 💻💻💻

Best for Enterprises
Method 1: Using Registry Editor
Method 2: Using Command Prompt 
Method 3: Automation via scripts/RMM tools 

Methods to enable or disable DNR in Windows 11

Method 1: Using Registry Editor

📌 Use Cases: Recommended for one-off configurations on personal or test machines.

📌 Prerequisites:

  • Windows 11 build 25982+ (Insider Preview)
  • This method requires only local administrator access.
  • It is strongly recommended that you back up the Windows Registry before proceeding. Incorrect configurations can lead to system instability.

Steps:

  1. Press Win + R, type regedit, and click Enter.
  2. Go to:
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
      Note:       The Parameters key stores advanced DNS Client (Dnscache) settings. The EnableDnr value must be created here for Windows to recognize the configuration.
    • If you don’t see the Parameters key, you need to create it.
      1. Right-click on Dnscache
      2. Select New > Key
      3. Name it Parameters
  3. In the right pane, right-click and select New > DWORD (32-bit) Value.
    • A DWORD value is used in the registry to enable or disable features like DNR.
  4. Name the new value EnableDnr
    • To enable DNR: Double-click EnableDnr and set the Value data to 1
    • To disable DNR: Set the Value data to 0.
  5. Click Ok and close the Registry Editor.
  6. Restart your computer to apply the changes.

Method 2: Using Command Prompt

📌 Use Cases: Suitable for IT admins managing multiple devices.

📌 Prerequisites: 

  • You must have admin privileges to open an elevated Command Prompt.
  • Windows 11 build 25982+ (Insider Preview)

Steps:

  1. Open Command Prompt as an administrator.
  2. To enable DNR, run:
    reg add “HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters” /v EnableDnr /t REG_DWORD /d 1 /f
  3. To disable DNR, run:
    reg add “HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters” /v EnableDnr /t REG_DWORD /d 0 /f
  4. Restart your PC to apply the changes.

To confirm the change

After restarting, you can verify whether DNR is enabled by running the following command in an elevated Command Prompt:

reg query “HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters” /v EnableDnr
  • A value of 0x1 confirms DNR is enabled. 
  • A value of 0x0 confirms it is disabled.

Optional (PowerShell check)

You can also confirm with PowerShell by running:

Get-ItemPropertyValue -Path “HKLM:\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters” -Name EnableDnr

This will return 1 if enabled and 0 if disabled.

Method 3: Automation via scripts/RMM tools

📌 Use Cases: Useful for MSPs and IT teams that manage distributed fleets and need to automate the enforcement of consistent DNS encryption policies across all devices.

📌 Prerequisites:

  • You need a centralized deployment infrastructure, such as NinjaOne.
  • Access to the managed device registry
  • Windows Insider builds on target machines

Steps:

  1. Create a .reg file with the following content:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]

    “EnableDnr”=dword:00000001

    💡 Note: To disable DNR, change the value to 00000000. 

  2. Push the .reg file using your chosen RMM platform, GPO script, or custom automation.
  3. Schedule a restart via automation (or notify users) to finalize the change.

Additional considerations when modifying DNR in Windows

  • No Group Policy: Since no Group Policy setting is available to manage DNR at the time of writing, configurations must be applied using the Registry or Command Prompt.
  • Enterprise deployment: In enterprise environments, administrators can deploy the registry settings using scripts or configure management tools to enable or disable DNR across multiple devices.
  • DHCP server requirements: For DNR to function, the network’s DHCP server must support server-side DNR options (OPTION_V4_DNR for DHCPv4 or OPTION_V6_DNR for DHCPv6).
  • Security implications: Enabling DNR enhances security by allowing automatic configuration of encrypted DNS, reducing the risk of DNS spoofing and eavesdropping.

Simplify DNS management by modifying DNR in Windows

DNR is a significant step forward in simplifying and securing DNS configuration in Windows environments. This feature, currently in Windows 11 Insider builds, allows IT admins to test automatic encrypted DNS deployment without modifying client configurations.

Related topics: 

Start your Free Trial
Embracing Automation at Every Level

FAQs

There is no single “best” DNS for every user. Each DNS has its own use case and shortcomings. It is highly recommended that you choose the one that best aligns with your priorities, such as speed, privacy, security, etc. That said, here are some popular and well-regarded options:

DNS Provider Primary DNS Secondary DNS Key Features
Cloudflare (1.1.1.1) 1.1.1.1 1.0.0.1 Fast, privacy-focused, supports DoH/DoT
Google DNS 8.8.8.8 8.8.4.4 Reliable, widely used, supports DoH
Quad9 9.9.9.9 149.112.112.112 Security-focused (blocks malicious domains)
OpenDNS 208.67.222.222 208.67.220.220 Parental controls, enterprise-grade options

💡 Tip: When using encrypted DNS (like DNS over HTTPS), ensure your chosen provider supports the protocol and is configured in the system settings or via DNR (if supported).

DNR stands for Discovery of Network-designated Resolvers, a new feature introduced in Windows 11 Insider Preview build 25982 and later.

It allows Windows devices to automatically discover encrypted DNS servers (e.g., DoH or DoT) broadcast by the network’s DHCP server, effectively eliminating the need for manual setup.

Keep in mind that DNR only works if both the Windows client and the DHCP server support it. As of now, this is only available in Windows 11 Insider builds.

You might also like

How to Send Files to an Android Mobile Device From a Windows 11 PC blog banner image

How to Send Files to an Android Mobile Device From a Windows 11 PC

How to Enable or Disable New Photo Notifications From Mobile Devices in Windows 11 blog banner image

How to Enable or Disable New Photo Notifications From Mobile Devices in Windows 11

How to Add or Remove Safe Mode in Windows 11 Context Menu blog banner image

How to Add or Remove Safe Mode in Windows 11 Context Menu

How to Enable or Disable Custom Scrollbars in Microsoft Edge blog banner image

How to Enable or Disable Custom Scrollbars in Microsoft Edge

How to Reset a Windows 11 PC blog banner image

How to Reset a Windows 11 PC

How to Fix Network Error 0x80070035 "The Network Path Was Not Found" in Windows blog banner image

How to Fix Network Error 0x80070035 “The Network Path Was Not Found” in Windows

Back to Blog Home
Ready to simplify the hardest parts of IT?
Start a Free Trial
Get a demo

NinjaOne Terms & Conditions

By clicking the “I Accept” button below, you indicate your acceptance of the following legal terms as well as our Terms of Use:

  • Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms.
  • Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party.
  • Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library belonging to or under the control of any other software provider.
  • Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations.
  • Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks.
  • Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script.
  • EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).
I Accept