JSI Tip 8953. How do I detect and recover from a USN rollback in Windows 2000 Server?

Microsoft Knowledge Base Article 885875 contains the following summary:

This article describes the operations that Active Directory-aware backup programs and the Windows operating system perform to maintain consistent copies of Active Directory partitions when you restore the system state on a domain controller in a common Active Directory forest.

To roll back the contents of an Active Directory database, restore the system state by using an Active Directory-aware backup utility. If you use any other method, replication partners in the forest may not be notified that your domain controller has started its operating system by using an earlier version of the Active Directory database.

When such "USN rollbacks" occur, modifications to objects and attributes that occur on one domain controller do not replicate to other domain controllers in the forest. However, no Active Directory replication errors are reported in the event logs of the affected domain controllers. Additionally, replication-monitoring utilities such as Repadmin.exe do not detect any replication errors.

Generally, during a USN rollback, user accounts and computer accounts exist on one domain controller but do not exist on another. Alternatively, the passwords for a user account may be inconsistent between domain controllers in a common domain, and logon operations may fail.

After hotfix 885875 is installed, a Microsoft Windows 2000 domain controller logs Directory Services event 2095 when it encounters a USN rollback. The text of the event message directs administrators to this article for recovery options.

Because it is difficult to detect and recover from a USN rollback, we recommend that administrators install hotfix 885875 on all Windows 2000 domain controllers, especially those in virtualized hosting environments.

For a Microsoft Windows Server 2003 version of this article, see 875495.

Contents

  • SUMMARY
  • INTRODUCTION
  • MORE INFORMATION
    • Typical behavior that occurs when you restore an Active Directory-aware system state backup
    • Software and methodologies that cause USN rollbacks
    • The effects of a USN rollback
    • Detecting a USN rollback on a domain controller that is running Windows 2000
    • Detecting a USN rollback on a Windows 2000 domain controllers that has the 885875 hotfix installed
    • Recovering from a USN rollback
    • Hotfix information



Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish