Basic syntax can be seen by typing "nslookup" at a command prompt. And then "?"
On a side note, don't get your hopes up about running the "ls -d" option and getting all records for a given domain. Most dns implementations disallow such requests by default nowadays.
Notice that once I entered nslookup it took me to an interactive mode. Nslookup can be run in either interactive or noninteractive mode. Noninteractive mode is useful when a single entry needs to be returned or perhaps if used in a script. Just enter all the options on a single line. Example:
nslookup [-option] [hostname] [server]
Back to the interactive mode. You may have noticed at the top of my screenshot, my default server was listed as "UnKnown." This is because I'm not logged into any sort of active directory domain. Thus, there is no entry for "Primary Dns Suffix" and the "DNS Suffix Search List" is localdomain.
By default nslookup will use these entries as shown below. I ran a query for google.com using my default settings, then I ran the "server" command to use google's dns server, 8.8.8.8, and then ran the same query for the google.com host record.
This is an important concept to remember when using the tool. If you don't specify the fully qualified domain name in your query it will use the "DNS Suffix Search List" entry. Just add the trailing "." at the end of your query to qualify it:
Thus far I've been focused on resolving host records (also known as A records in the world of DNS). These queries have answered the basic question, "What IP address does google.com resolve to?"
But, what if we want to know, "What is the mail server for google.com?" Then we'll just have to change our query "type" to mail exchange:
This is a very handy utility. I use it all the time. And, you'll be happy to know that even though I've listed it in my top ten Windows list, it is not a native Microsoft utility. So, you'll find it in pretty much any operating system you run into.
