If you want to use Secure DNS in Google Chrome, and the computer is in a Windows domain, the following information appears: This setting is managed by your administrator !!
In Google Chrome settings, the “Use secure DNS” option cannot be enabled; the slider on the right is inactive (grayed out). This occurs when the computer belongs to an organization and is part of a Windows domain. A pop-up window appears above the icon stating that this setting is managed by your administrator.
The “Use secure DNS” setting can still be enabled. To do this, two registry keys need to be added. Open a command prompt as administrator and run the following lines using copy and paste.
REG ADD "HKLM\SOFTWARE\Policies\Google\Chrome" /v "DnsOverHttpsMode" /t REG_SZ /d "automatic" /f
REG ADD "HKLM\SOFTWARE\Policies\Google\Chrome" /v "DnsOverHttpsTemplates" /t REG_SZ /d "https://cloudflare-dns.com/dns-query https://dns.google/dns-query" /fAfter adding the registry keys, Chrome needs to be restarted; the DNS settings will still not be displayed, but will be applied by Chrome.
How can I verify “Chrome Secure DNS” ?
In the Chrome address bar type chrome://net-internals/#dns and press Enter. Now enter URL in the Domain field, e.g., news.google.com and click Lookup.
This should display output similar to the following::
Resolved IP addresses of “news.google.com”: [“142.250.204.142”].
No alternative endpoints.
Also helpful and possibly necessary is clearing the host cache, and possibly flushing socket pools under Sockets.
In managed organizations, Google Chrome may still need to be checked for policies, using the URL chrome://policy/#dns
What is Secure DNS?
Secure DNS (Domain Name System) is a service that protects your internet traffic by encrypting DNS queries and filtering out malicious websites. It prevents third parties, such as Internet Service Providers (ISPs), from tracking your browsing habits and safeguards against redirection to phishing sites. The primary technologies are DNS over HTTPS (DoH) or DNS over TLS (DoT).
