rockydee
asked on
Event ID Warning: 2089
I have a Domain Controller running Server 2003, SP1. I am constantely getting the event:
Event Type: Warning
Event Source: NTDS Replication
Event Category: Backup
Event ID: 2089
Date: 10/06/2009
Time: 6:24:31 PM
User: NT AUTHORITY\ANONYMOUS LOGON
I run Symantec Backup Exec 12.5 on my Servers, and I am backing up the full Syatem State on both of my DC's. I have verified that the System State is backing up correctly.
Is there anything that can be done to get rid of this event. Unless I'm not doing something correctly???
Thank you.
Event Type: Warning
Event Source: NTDS Replication
Event Category: Backup
Event ID: 2089
Date: 10/06/2009
Time: 6:24:31 PM
User: NT AUTHORITY\ANONYMOUS LOGON
I run Symantec Backup Exec 12.5 on my Servers, and I am backing up the full Syatem State on both of my DC's. I have verified that the System State is backing up correctly.
Is there anything that can be done to get rid of this event. Unless I'm not doing something correctly???
Thank you.
take a look at this
http://support.microsoft.com/kb/914034
this might help you.
https://www.experts-exchange.com/questions/22110244/Event-ID-Warning-2089-NTDS-Replication.html
http://support.microsoft.com/kb/914034
this might help you.
https://www.experts-exchange.com/questions/22110244/Event-ID-Warning-2089-NTDS-Replication.html
ASKER
Ok, I'm getting a better handle on this, but there are still questions.
The answer that I've seen that makes the most sense is this one because my log files are "E:\NTDS":
Select "D:" (or a file in that volume) to force a shadow copy on it.
This, in turn will suppress the NTDS writer error. (I created a dummy text
file on the drive where my NTDS Log files were and included in the backup
set.)
The likely reason behind those error messages is that AD is configured such
that it keeps the databases and the logs on separate volumes.
The AD writer (NTDS) will report an error if you try to create a shadow copy
set that has one of the volumes but not the other.
The problem is that in this configuration (AD databases and logs are on a
different volume) NTBackup doesn't pick up the correct set of volumes.
By selecting system state, NTBackup requests for a shadow copy to be created
on the boot volume.
By the time NTBackup requests for the location of the AD database and logs,
the shadow copy has already been created.
Thus, NTBackup will not create a snapshot on "D:".
This throws the NTDS writer off, thinking that NTBackup is not going to pick
up all its data on D: thus causing an error.
My questions: Where do I select the alternate drive (first paragraph), registry? ntbackup?...
It also mentions putting a dummy text file in the directory where the log files are, what purpose does this serve and do I give it a .txt extension?
Thank you for all inputs.
The answer that I've seen that makes the most sense is this one because my log files are "E:\NTDS":
Select "D:" (or a file in that volume) to force a shadow copy on it.
This, in turn will suppress the NTDS writer error. (I created a dummy text
file on the drive where my NTDS Log files were and included in the backup
set.)
The likely reason behind those error messages is that AD is configured such
that it keeps the databases and the logs on separate volumes.
The AD writer (NTDS) will report an error if you try to create a shadow copy
set that has one of the volumes but not the other.
The problem is that in this configuration (AD databases and logs are on a
different volume) NTBackup doesn't pick up the correct set of volumes.
By selecting system state, NTBackup requests for a shadow copy to be created
on the boot volume.
By the time NTBackup requests for the location of the AD database and logs,
the shadow copy has already been created.
Thus, NTBackup will not create a snapshot on "D:".
This throws the NTDS writer off, thinking that NTBackup is not going to pick
up all its data on D: thus causing an error.
My questions: Where do I select the alternate drive (first paragraph), registry? ntbackup?...
It also mentions putting a dummy text file in the directory where the log files are, what purpose does this serve and do I give it a .txt extension?
Thank you for all inputs.
Hmm, the answer you're quoting is talking about NTBackup, not BackupExec. So I'm not sure that creating a dummy file would be very helpful. Did you try to run ntbackup at all (wizard based) to create a backup of system state? That should clear the message and reset the warning interval to 30 days.
ASKER
You're right, it is from NTBackup. I have been running BackUp Exec forever, and backing up System State. However, in my efforts to eliminate the above Event ID, I have even tried NTBackup, but that is erroring out on me, because my logs are on the "E:\" drive.
I did just re-read the Symantec post, and according to that, the logs HAVE to be back on the "C" drive in their default location. Unfortunatly, that can't really happen due to space limitations on "C" (whole different story).
So, to get rid of that Event, I would need to run the NTBackup (I think), but I just need the specifics on that dummy file. I'm still not sure of it's purpose, what to call it (if that's important), or how to use it.
I did just re-read the Symantec post, and according to that, the logs HAVE to be back on the "C" drive in their default location. Unfortunatly, that can't really happen due to space limitations on "C" (whole different story).
So, to get rid of that Event, I would need to run the NTBackup (I think), but I just need the specifics on that dummy file. I'm still not sure of it's purpose, what to call it (if that's important), or how to use it.
Not quite sure what the dummy file would solve; maybe it could fool ntbackup into thinking that it did a backup and thus make it reset the backup-period flag, but obviously that wouldn't give you a valid backup.
Might be better to actually get ntbackup to "just work". What error does it die with?
Might be better to actually get ntbackup to "just work". What error does it die with?
ASKER
Here is what NTBackup comes up with:
Backup Status
Operation: Backup
Active backup destination: File
Media name: "ADBackup.bkf created 10/12/2009 at 8:37 AM"
Volume shadow copy creation: Attempt 1.
"NTDS" has reported an error 0x800423f0. This is part of System State. The backup cannot continue.
Error returned while creating the volume shadow copy:800423f0
Aborting Backup.
----------------------
The operation did not successfully complete.
Backup Status
Operation: Backup
Active backup destination: File
Media name: "ADBackup.bkf created 10/12/2009 at 8:37 AM"
Volume shadow copy creation: Attempt 1.
"NTDS" has reported an error 0x800423f0. This is part of System State. The backup cannot continue.
Error returned while creating the volume shadow copy:800423f0
Aborting Backup.
----------------------
The operation did not successfully complete.
Ah, ok, so you'r eselecting the ntds folder separately? What happens if yoy simply do a SystemState backup using NTbackup? Doesn't that clear the backup-period flag corerctly if you use ntbackup?
ASKER
Honestly, I thought that was what I was doing... I just checked off System State, I didn't check off anything else.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The DB is on the C: drive, and the logs are on the E: drive. I don't remember WHY it got setup that way...
I'm not sure I'm comfortable making that kind of change (moving DB) on an active DC, I guess I wasn't expecting a procedure like that. The instructions in the article are clearcut, but the thought of the unexpected happening on a re-boot is enough to give me pause.
I'm sure it will work, but I think I have to err on the side of caution, and go with the empty file, then run NTBackup to clear the log and rely on Backup Exec as well.
Thank you sven for helping to make it clear for me.
I'm not sure I'm comfortable making that kind of change (moving DB) on an active DC, I guess I wasn't expecting a procedure like that. The instructions in the article are clearcut, but the thought of the unexpected happening on a re-boot is enough to give me pause.
I'm sure it will work, but I think I have to err on the side of caution, and go with the empty file, then run NTBackup to clear the log and rely on Backup Exec as well.
Thank you sven for helping to make it clear for me.
They assume that the default location was changed (not C:\Windows\NTDS and C:\Windows\SYSVOL any more). If that's the case, then the article suggests to either run a system state backup using NTBackup every 30 days - or to move the folders back to their default locations.
If that's not the case, then you can still run a ntbackup every 30 days - or try checkig the "set archive bit" option when running you BE backup.