NTDS Replication Event 2089 is logged if Windows Server 2003 SP1 and later domain controllers are not backed up in a given time period
New behavior in Windows Server 2003 SP1The DSA Signature attribute is modified every time that a system state backup is made. The operating system monitors this attribute. An event error message is logged when the backup latency interval criteria are met. Any Windows Server 2003 SP1-based domain controller may log the event because the DSA Signature attribute is a replicated attribute.
Note The new event error message is not logged until a backup is made on a Windows Server 2003-based domain controller that is running Windows Server 2003 SP1. Only Windows Server 2003 SP1-based domain controllers log this event error message.
The default time period of the backup latency interval is half of the Tombstone Lifetime (TSL) for logging the event error message on the domain controller. The following list shows the difference in the default TSL values for a forest that is created on Windows Server 2003 and a forest that is created on Windows Server 2003 SP1:
- Windows Server 2003
By default, the TSL value in Windows Server 2003 is 60 days. Therefore, the event error message is not logged until 30 days after the last backup.
- Windows Server 2003 SP1
By default, the TSL value in new forest created by Windows Server 2003 SP1 is 180 days. The TSL value is 60 days in all other cases. The event error message in a forest with a 180 day TSL is not logged until 90 days after the last backup.
Deployment StrategyThe default value for the backup latency interval in a forest that uses the default TSL is insufficient to correctly warn administrators that partitions are not being backed up with sufficient frequency.
In the registry, administrators can specify a value for the Backup Latency Threshold (days) entry. This provides a simple method to adjust how soon event ID 2089, is logged if a backup is not made in a certain time period. Therefore, the time period reflects the backup strategies of the administrators. This event error message serves as a warning to administrators that domain controllers are not being backed up before the TSL expires. This event error message is also a useful tracking event to monitor applications such as Microsoft Operations Manager (MOM).
We recommend that you take system state backups that include each forest, domain, and application partition on at least two computers every day. We also recommend that you configure this event to occur every other day if a backup is not made. Third-party backup programs may use a method that calls the backup API that updates the attribute. When these programs use this method, it causes the DSA Signature attribute to be updated.
An event ID 2089 error message is logged in the Directory Service event log when a partition is not backed up during the backup latency interval. Only one event error message is logged each day for each partition that a domain controller hosts. The event error message is similar to the following:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Backup Event ID: 2089
Description: This directory partition has not been backed up since at least the following number of days.
"Backup latency interval" (days):
It is recommended that you take a backup as often as possible to recover from accidental loss of data. However if you haven't taken a backup since at least the "backup latency interval" number of days this message will be logged every day until a backup is taken. You can take a backup of any replica that holds this partition.
By default the "Backup latency interval" is set to half the "Tombstone Lifetime Interval". If you want to change the default "Backup latency interval" you could do so by adding the following registry key.
"Backup latency interval" (days) registry key:
System\CurrentControlSet\Services\NTDS\Parameters\Backup Latency Threshold (days).
- Start Registry Editor.
- Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
- Right-click Parameters, point to New, and then click DWORD Value.
- Type Backup Latency Threshold (days), and then press ENTER.
- Right-click Backup Latency Threshold (days), and then click Modify.
- In the Value data box, type the number of days to use as a threshold, and then click OK.
Article ID: 914034 - Last Review: 06/20/2014 10:46:00 - Revision: 3.0
- kbhowto kbinfo KB914034