Windows NT-Based BDCs No Longer Synchronize After a Windows 2000 Domain Is Switched to Native Mode

ID: Q240305

The information in this article applies to:
  • Microsoft Windows NT Server versions 3.51, 4.0
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server

SYMPTOMS

A Windows NT-based backup domain controller (BDC) may display the following error messages in Event Viewer:

Event ID: 5716
Source: Netlogon
Description: The partial synchronization replication of the (LSA, SAM, Builtin) database from the Primary Domain Controller failed with the following error:
The network request is not supported.
The BDC generates all three error messages (LSA, SAM, and Builtin) every five minutes with the same message. This fills the event log on a BDC that has been cut off from the primary domain controller (PDC) for an extended period of time. This may be the first indication to a remote administrator with BDCs that the Windows 2000 domain was witched to native mode.


CAUSE

This behavior can occur on a Windows NT-based BDC if it is participating in a Windows 2000-based domain that has been placed in Native mode.


MORE INFORMATION

Windows 2000 supports the following 2 modes of operation:

  • Mixed


  • Native


Mixed mode supports SAM replication of both Windows 2000 and down level domain controllers such as Windows NT 4.0 or 3.51-based DCs.

Native mode does not support SAM replication to Windows NT-based down level domain controllers.

NOTE: Windows 2000 only supports going from Mixed Mode (default) to Native mode. You cannot switch a Windows 2000 domain controller back to Mixed mode once it has been switched to Native mode.

The down level Windows NT-based BDCs that are in the domain prior, during, and after the Windows 2000 domain has been switched to Native mode are still active domain controllers in the domain. The Windows NT-based BDC can still add new users, groups, or computer accounts, as these changes are written to the Windows 2000 PDC Flexible Single Master Operation (FSMO) Active Directory database. The Windows NT-based BDC "sees" the Windows 2000-based PDC to be the writable copy of the SAM database.

The main issue is that the new accounts will not be replicated back to the Windows NT-based BDC; these users can only log on when authenticated by a Windows 2000-based domain controller. Existing users with accounts prior to the switch to Native Mode will be allowed to log into the Windows NT-based BDC. If their password is changed, it will not be synchronized between the Windows 2000-based DCs with the new password and the Windows NT-based BDCs with the old password.

For additional information about this subject, please click the article number below to view the article in the Microsoft Knowledge Base:
Q186153 Modes Supported by Windows 2000 Domain Controllers

Additional query words: win2000hotds

Keywords : kberrmsg kbnetwork kbtool kbui
Version : WINDOWS:2000; winnt:3.51,4.0
Platform : WINDOWS winnt
Issue type : kbprb


Last Reviewed: January 4, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.