15

The icon for one of the conditional forwarders on an Active Directory DNS server I manage has a standard warning icon (yellow triangle with exclamation point) overlay (all names have been changed to protect the innocent):

enter image description here

I've scoured the included .chm documentation, sifted through the Technet docs with a fine-tooth comb, googled and googled until my fingertips got sore, but I haven't been able to find any explanation anywhere of what this means. Looking at the details pane of the properties yields no clues.

For the DHCP console, there's a handy icon reference, but I can't find anything similar for DNS Manager.

Here's some context, although I want to focus specifically on what this icon means, and whether there's an icon reference for DNS Manager.

A few days ago I added a couple of IP addresses to the Conditional Forwarders list for a particular domain (let's call it differentdomain.com) on several DNS servers in two other forests. (The conditional forwarders are configured per DNS server, not replicating through Active Directory).

Everything was working fine, but today one of the DNS servers on which I made the change is not resolving hostnames in differentdomain.com. For any hostname in that domain, nslookup throw the error

*** dc-with-adi-zone.companydomain.com can't find whateverhostname.differentdomain.com: Non-existent domain

None of the other DNS server on which I made the same change are having this problem, and they all have the exact same conditional forwarder configuration for differentdomain.com. The server that's having the problem has several other conditional forwarders configured, and there are no problems with any of them.

Adi Inbar
  • 317
  • 2
  • 13
  • Yes, and `nslookup whateverhostname.differentdomain.com #.#.#.#` (where `#.#.#.#` is any of the IP addresses in the conditional forwarders list) works fine. However, I want to emphasize that first and foremost my question is "what does this icon mean, is there any documentation anywhere for it, and is there any reference for the icons in DNS Manager in general?" It's driving me crazy that I can't find any reference at all to what this overlay means on a conditional forwarder icon. – Adi Inbar Mar 12 '14 at 00:17
  • Have you checked the DNS server logs? – Davidw Mar 12 '14 at 00:25
  • Yes, there was nothing useful there. But everyone seems to be focusing on this in terms of finding a solution to the problem, and I want to emphasize again, the question is "what does the warning overlay mean on this icon, and is this (and preferably DNS Manager icons in general) documented anywhere?". I actually have the problem fixed now. I restarted the DNS Server service, and now it's resolving hostnames in that domain. And yes, the mysterious warning overlay is gone. But I still don't know what it means, other than generally that something is wrong with the conditional forwarder (duh!). – Adi Inbar Mar 12 '14 at 00:39
  • 3
    *other than generally that something is wrong with the conditional forwarder (duh!).* Yes, that! Or probably more specifically it cannot communicate with the DNS server at the other end, thus the forwarder will fail. I'm not getting this from any documentation, just what I think it is :-) – Snellgrove Apr 15 '14 at 10:38
  • Check the host file and flush the local dns cache (ipconfig /flushdns) – Glen Jul 22 '14 at 06:52
  • @Glen Once again...the question is not "how do I resolve this problem?" The name resolution problem was resolved by restarting the DNS Server service on the affected computer, but that was never the question in the first place. The question is: What does this icon mean, and are the icons in the DNS Manager snap-in documented anywhere? – Adi Inbar Jul 22 '14 at 19:17
  • I see. My assumption is that the icon indicates a failure to resolve to the correct address, because of a host file or a stale record. (Hence flushing dns or restarting the dns services flushes the cache.) This is just a comment, I'm not answering your question. – Glen Jul 22 '14 at 23:34
  • @Glen That assumption is incorrect, because there is no such thing as "the correct address" in this context. This is not a DNS query tool that is attempting to resolve a particular address, this is the management console for the DNS server. I don't see how a stale record, hosts file, or flushing the DNS cache could have anything to do with this, because it doesn't pertain to a particular record, nor is this in any way related to the local computer or a specific DNS client. The DNS server was returning no results for any query from any client for any record in the zone marked by that icon. – Adi Inbar Jul 23 '14 at 00:41
  • The icon obviously indicates some problem with that zone on that DNS server. I can *speculate* all night long about what it might mean, but I can't find a definitive answer. – Adi Inbar Jul 23 '14 at 00:42

3 Answers3

1

That icons means something is wrong and nothing else. It's a generic indication of a problem and it's not meant to convey a specific error message. For that you should look at the event log and perform the usual investigation steps.

I checked the DHCP icons and, if they really mean what the documentation says, they are really misleading (e.g. a server with a "stop" overlay means the user doesn't have admin rights? Shouldn't it mean the server is stopped? My point is an icon cannot provide complete information unless the information range is really limited).

You should not rely on icons to get a complete picture of what is wrong. Do not obsess over the meaning of them. Event logs are much more reliable, comparatively, and the warning icon should be enough information for the system administrator to notice something is not right and start investigating.

I don't think the ServerFault community will be able to provide a specific answer, unless we've the Windows Network core development team here.

Giovanni Tirloni
  • 5,693
  • 3
  • 24
  • 49
  • 2
    It's not remotely reasonable to infer from the mere fact that I asked what the icon overlay means that I rely on icons to get a complete picture of what's wrong. Nor did I ask for generic, rudimentary advice on how to go about troubleshooting, and it's not remotely reasonable to infer that I need that sort of advice. You seem to have missed the fact that in the original question and several of the comments I specifically stated that the DNS resolution problem was already resolved, had been included only for context, and that I am expressly ***not*** asking for assistance in resolving it. – Adi Inbar Aug 04 '14 at 22:14
  • 1
    Regarding the question I actually *did* ask, referring to interest and curiosity as "obsessing" is gratuitous and rude, and the fact that you don't personally think it's important doesn't mean that it's not a worthwhile question for someone else to ask. In any case, the purpose of answers is not to express your subjective personal opinions on whether you think the question is important. Frankly, I find this "answer" pedantic, patronizing, and rife with hasty conclusion-jumping rather than in any way helpful. – Adi Inbar Aug 04 '14 at 22:16
  • 3
    Sorry if I misunderstood your question. Your rather long comment here made me realize that was in fact what happened. To answer your original question: the warning icon in DNS Manager means there is a warning condition that needs investigation. I'm glad the issue has been resolved by now. Best of luck. – Giovanni Tirloni Aug 06 '14 at 01:14
0

To possibly find the cause, try this in a cmd prompt as admin: 

dcdiag /test:dns
Jeter-work
  • 825
  • 4
  • 15
0

This means your dc/dns is having issue replicating itself, do you have network teaming by any chance? try to break it

Besides, i am pretty sure event log will give you a clue to the exclamation mark icon

Pixel
  • 146
  • 5