Windows Server 2012 Problem with Events ( 2089, 3041, 2887)

Question

Yoyo guys, how are u? I came here cuz i'm having lots of trouble with my windows server 2012. Everyday when I first open the server interface there are 3 Events that I'm trying to fix for weeks and they keep haunting me.

EVENT ID 3041:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS LDAP" />
<EventID Qualifiers="32768">3041</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>16</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2021-01-26T12:24:08.688379000Z" />
<EventRecordID>18732</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="704" />
<Channel>Directory Service</Channel>
<Computer>[bar].[foo].local</Computer>
<Security UserID="x-x-x-x" />
</System>
<EventData />
</Event>

EVENT ID 2887:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS LDAP" />
<EventID Qualifiers="32768">2887</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>16</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2021-01-26T12:24:08.688379000Z" />
<EventRecordID>18733</EventRecordID>
<Correlation />
<Execution ProcessID="556" ThreadID="704" />
<Channel>Directory Service</Channel>
<Computer>[bar].[foo].local</Computer>
<Security UserID="x-x-x-x" />
</System>

• <EventData>
  <Data>20</Data>
  <Data>0</Data>
  </EventData>
  </Event>

And the last and worst one, that is making me crazy.

EVENT ID 2089:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

• <System>
  <Provider Name="Microsoft-Windows-ActiveDirectory_DomainService" Guid="{0e8478c5-3605-4e8c-8497-1e730c959516}" EventSourceName="NTDS Replication" />
  <EventID Qualifiers="32768">2089</EventID>
  <Version>0</Version>
  <Level>3</Level>
  <Task>14</Task>
  <Opcode>0</Opcode>
  <Keywords>0x8080000000000000</Keywords>
  <TimeCreated SystemTime="2021-01-25T13:24:08.796425800Z" />
  <EventRecordID>18728</EventRecordID>
  <Correlation />
  <Execution ProcessID="556" ThreadID="704" />
  <Channel>Directory Service</Channel>
  <Computer>[bar].[foo].local</Computer>
  <Security UserID="x-x-x-x" />
  </System>
• <EventData>
  <Data>DC=DomainDnsZones,DC=[foo],DC=local</Data>
  <Data>90</Data>
  <Data>System\CurrentControlSet\Services\NTDS\Parameters</Data>
  <Data>Backup Latency Threshold (days)</Data>
  </EventData>
  </Event>

As you can see below, I already added the reg key and this EVENT keeps happening everyday.

We're using a Dell T110-II running WS 2012 Fundatition

Answer 1

Hi,

It seems that some client are not using secure protocol like LDAP signing for LDAP connection. You can ignore this alert if you can't force all clients using LDAP signing.

event-id-2887-display-error-again-and-again

Regarding the second alert EVENT ID 2089 , it remind you that you don't have backup since 90 days. It's recommended to have at least a full backup of 2 domain controllers per domain. To remove this alert , you should backup a domain controller per domain.

ntds-replication-event-2089-backup-latency-interval

----------

Please don't forget to mark helpful reply as answer

Answer 2

Hi,

I am glad to hear that your issue was successfully resolved\I am pleased to know that the information is helpful to you. If there is anything else we can do for you, please feel free to post in the forum.

Best Regards,
Vicky

Answer 3

First of all ty for your answer.

At the event 2089 I set the register key "Backup latency interval" to 9000 days, shouldn't it work? At least to send the messages away?