BDC Cannot Replicate with PDC, Event IDs 5721, 5731, 5716 Occur on BDC

ID: Q245123


The information in this article applies to:
  • Microsoft Windows NT Server version 4.0


SYMPTOMS

When you attempt to synchronize a primary domain controller (PDC) with a backup domain controller (BDC) and both domain controllers are running Microsoft Windows NT Server 4.0, Event Viewer may report the following event on the BDC:

Event ID: 5721
The session setup to the Windows NT Domain Controller \\domain PDC for the domain name failed because the Windows NT Domain Controller does not have an account for the BDC computer.

When you attempt to start the Netlogon service manually, Event Viewer may report Error 1787.

Also, when you remove the account for the BDC from the domain, add it back, and then restart the BDC, Event Viewer may record the following events:

Event ID: 5731
Source: Netlogon
Replication of the SAM Global Group rid: 0x220: from Primary Domain Controller name failed with the following error: Cannot perform this operation on built-in accounts.

Event ID: 5716
Source: Netlogon
The partial synchronization replication of SAM database from the Primary Domain Controller name failed with the following error: Cannot perform this operation on built-in accounts.

NOTE: RID: 0x220 is the Administrator built-in account and should be identical on the PDC and the BDC.


CAUSE

This behavior can occur if the Administrator account Security IDs (SIDs) are not identical on all domain controllers.


RESOLUTION

To resolve this issue, perform a parallel installation of Windows NT Server 4.0 on the BDC, and then synchronize all the domain controllers. To do this, follow these steps:

NOTE: You can use the Getsid utility included with the Windows NT 4.0 Resource Kit to compare the SIDs for the Administrator accounts on the domain controllers.

  1. At the relevant BDC, perform a parallel installation of Windows NT Server 4.0:


    1. Install Windows NT Server 4.0. When you are prompted, select the new installation option. Type the drive and folder where you want to install the parallel installation, placing it in a folder other than the one that contains the original installation.


    2. At the end of the setup process, restart the computer to the parallel installation.


  2. Synchronize the domain controllers:


    1. At the BDC, start Server Manager.


    2. Click the name of the server you want to synchronize with the PDC.


    3. On the Computer menu, click Synchronize With Primary Domain Controller.


    4. Click OK to confirm the synchronization.


  3. At the relevant BDC, delete the original installation of Windows NT Server 4.0.


  4. At the relevant BDC, save the configuration:


    1. Start Disk Administrator.


    2. Insert a formatted floppy disk into drive A, and then click OK.


    3. Saving the disk configuration to the floppy disk may take several minutes.


    4. Click OK in the Disk Administrator dialog box.
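
The SID comparison described under CAUSE and in the Getsid note can be scripted once the Administrator SID string has been collected from each domain controller. The following is an added example, not part of the original article: the controller names, SID values, and function names are constructed for illustration, and the SID strings are assumed to have been copied by hand into the table.

```python
"""Compare Administrator account SIDs collected from each domain controller."""


def parse_sid(sid):
    """Split an S-R-I-S... SID string into (revision, authority, subauthorities)."""
    parts = sid.strip().upper().split("-")
    if len(parts) < 4 or parts[0] != "S":
        raise ValueError(f"not a SID string: {sid!r}")
    try:
        revision, authority = int(parts[1]), int(parts[2])
        subauths = tuple(int(p) for p in parts[3:])
    except ValueError:
        raise ValueError(f"non-numeric SID component: {sid!r}") from None
    return revision, authority, subauths


def compare_to_pdc(pdc_name, sids):
    """Return {dc_name: reason} for every controller whose SID differs from the PDC's."""
    ref_rev, ref_auth, ref_sub = parse_sid(sids[pdc_name])
    mismatches = {}
    for name, sid in sids.items():
        if name == pdc_name:
            continue
        try:
            rev, auth, sub = parse_sid(sid)
        except ValueError as exc:
            mismatches[name] = f"unparseable ({exc})"
            continue
        # Everything except the last subauthority identifies the issuing domain.
        if (rev, auth) != (ref_rev, ref_auth) or sub[:-1] != ref_sub[:-1]:
            mismatches[name] = "domain identifier differs"
        elif sub[-1] != ref_sub[-1]:
            mismatches[name] = "relative ID (RID) differs"
    return mismatches


# Constructed sample values (hypothetical controller names and SIDs).
SAMPLE = {
    "PDC01": "S-1-5-21-1004336348-1177238915-682003330-500",
    "BDC01": "S-1-5-21-1004336348-1177238915-682003330-500",
    "BDC02": "S-1-5-21-2025429265-492894223-1708537768-500",
}

if __name__ == "__main__":
    for dc, reason in compare_to_pdc("PDC01", SAMPLE).items():
        print(f"{dc}: Administrator SID does not match PDC01 ({reason})")
```

A controller reported here is a candidate for the parallel installation and resynchronization steps above.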


Version : winnt:4.0
Platform : winnt
Issue type : kbprb


Last Reviewed: November 9, 1999
© 2000 Microsoft Corporation. All rights reserved.