If the domain has two or more domain controllers and you need to recover one of the controllers or its database, consider taking action against a USN rollback.
A USN rollback is unlikely to occur when you recover an entire domain controller from a VSS-based disk-level backup.
A USN rollback is highly probable if any of the following is true:
The following information will help you avoid a USN rollback by taking a few simple steps.
Replication and USNs
Active Directory data is constantly replicated between the domain controllers. At any given moment, the same Active Directory object may have a newer version on one domain controller and an older version on another. To prevent conflicts and loss of information, Active Directory tracks object versions on each domain controller and replaces the outdated versions with the up-to-date version.
To track object versions, Active Directory uses numbers called Update Sequence Numbers (USNs). Newer versions of Active Directory objects correspond to higher USNs. Each domain controller keeps the USNs of all other domain controllers.
USN rollback
After you perform a nonauthoritative restore of a domain controller or of its database, the current USN of that domain controller is replaced by the old (lower) USN from the backup. But the other domain controllers are not aware of this change. They still keep the latest known (higher) USN of that domain controller.
As a result, the following issues occur:
To avoid a USN rollback, you need to notify the domain controller about the fact that it has been recovered.
To avoid a USN rollback
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
If you see a different setting (and you cannot find the entry for Event ID 1109), ensure that the recovered domain controller has current service packs, and then repeat the entire procedure.
For more details about USNs and USN rollback, see the following Microsoft Technet article: http://technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv.aspx.