You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/windows-client/windows-security/troubleshoot-zero-trust-dns-guidance.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -41,13 +41,13 @@ If you experience connectivity issues after you deploy and enforce ZTDNS, follow
41
41
42
42
### Step 1: Verify that the trusted DNS servers are configured correctly
43
43
44
-
Make sure that at least one trusted DNS server uses ZTDNS. Open a Windows Command Prompt window, and then run the following command:
44
+
Make sure that at least one trusted DNS server is configured for ZTDNS. Open a Windows Command Prompt window, and then run the following command:
45
45
46
46
```console
47
47
netsh ztdns show server
48
48
```
49
49
50
-
This command displays all the trusted DNS servers that use Zero Trust DNS, including their protocol (DoH or DoT), IP address, and priority settings.
50
+
This command displays all the trusted DNS servers that are configured for Zero Trust DNS, including their protocol (DoH or DoT), IP address, and priority settings.
51
51
52
52
### Step 2: Test the connectivity to the trusted DNS servers
53
53
@@ -120,7 +120,7 @@ To identify services that need exceptions, review the BlockedConnections log. Fo
120
120
121
121
### Step 6 (Advanced): Disable ZTDNS
122
122
123
-
If you still can't resolve your primary issue, or if you can't configure an appropriate exception for a blocked service, disable ZTDNS. To disable ZTDNS enforcement and restore normal network connectivity, run the following command:
123
+
If you still can't resolve your primary issue, disable ZTDNS. To disable ZTDNS enforcement and restore normal network connectivity, run the following command:
124
124
125
125
```console
126
126
netsh ztdns set state enable=no audit=no
@@ -159,7 +159,7 @@ To troubleshoot these issues, follow these steps:
159
159
160
160
## How to find ZTDNS logs
161
161
162
-
On Windows devices in a ZTDNS environment, you can use Event Viewer to monitor all attempted connections and configuration changes. To locate the ZTDNS logs in Event Viewer, follow these steps:
162
+
On Windows devices that're configured to use ZTDNS, you can use Event Viewer to monitor all attempted connections and configuration changes. To locate the ZTDNS logs in Event Viewer, follow these steps:
163
163
164
164
1. In the Search bar, enter **Event Viewer**, and then select it from the search results.
165
165
1. In the left panel of Event Viewer, navigate to **Applications and Service Logs** > **Microsoft** > **Windows** > **ZTDNS**.
0 commit comments