How does changing the registry key, as per page 55 of the User Guide, to enable differential backups for Recovery Manager for Active Directory 7.5 (and newer) affect the domain controllers? Also you may notice error code 215 with source NTDS ISAM in the Directory Service log on (new) DCs that are being backed up with differential backups.
The key in our documentation is not documented by Microsoft publicly. The key is required for differential backups to work and it switches off circular logging so that the JET database engine keeps all transaction logs until a full backup of the AD database occurs. During a full backup, the transaction logs are truncated. This is why it is important to keep full backups running periodically to avoid running out of disk space. Recovery Manager allows you to define differential policies that specify when full backups should occur (e.g. first backup of the week if a full backup). The "DSA Heuristics" registry key required for differential backups is for a completely different purpose than "DSA-Heuristics" LDAP attribute.
Refer to Microsoft Article - "Transaction Log Parameters" regarding the circular logging capability of the JET database engine:
This parameter configures how transaction log files are managed by the database engine. When circular logging is off, all transaction log files that are generated are retained on disk until they are no longer needed because a full backup of the database has been performed. In this mode, it is possible to restore from an older backup and play forward through all the retained transaction log files such that no data is lost as a result of the disaster that forced the restore. Regular full backups are required to prevent the disk from filling up with transaction log files.
When circular logging is on, only transaction log files that are younger than the current checkpoint are retained on disk. The benefit of this mode is that backups are not required to retire old transaction log files. The trade off is that a zero data loss restore is no longer possible.
If another backup product is being used to backup the AD database, that other product should truncate the logs. Recovery Manager handles this gracefully. If Recovery Manager cannot perform a differential backup as requested because another backup product has truncated the logs, then it will perform a full backup instead. If other software is backing up the system state on the domain controller, then Recovery Manager may not be able to create differential backups as requested, and will create full backups instead.
This affects 7.5 and newer as previous versions didn't support differential backups.