Sign in with
Sign up | Sign in
Your question

"Replication of the SAM User..." failed

Last response: in Windows 2000/NT
Share
Anonymous
April 12, 2004 6:48:27 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

I've done a lot of searching, including MS Knowledgebase & GOOGLE groups
searches for information about the following error to no avail. I hope
someone here can help....

I have a primary domain controller and one backup domain controller in a
network with around 20 computers total. Both are running Window NT 4.0 sp6.
This arrangement has been working for several years. The problem has
appeared only in the last month or so.

The system event log on the BDC contains a series of messages that repeat
about every 5 minutes. The first message has Event ID=5716 with the
following Description: "The partial synchronization replication of the SAM
database from the primary domain controller <Our PDC name> failed with the
following error: The specified user does not exist".

This is then followed by EventID 5732: "Replication of the SAM User <one of
my user accounts here> from primary domain controller <the PDC mentioned
above> failed with the following error: The specified user does not exist."
This message is repeated 8 times.

This is then followed by another Event ID 5732 for another user account.
That message appears just once.

Finally, this is followed by a repeat of the earlier EventID 5716.

I ran GETSID for these two accounts, and I get messages that these accounts
can't be found on the server that is the BDC.Both accounts are listed in the
User manager for domains. And changes made to these accounts in the User
manager, e.g. giving them membership in additional groups, proceeds without
errors. And, these changes are correctly reflected on the PDC.

Attempts to log on to the BDC using these accounts also fail.

Thanks for your help in solving this problem.

Jim
Anonymous
April 12, 2004 7:19:17 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Additional information:

I have tried running nltest /sync /server: <BDC_name> to force a full
synchronization but this apparently fails as well. The event log shows that
replication of LSA & BuiltIn accounts succeeds, but that replication of the
SAM database fails with the same error as before, i.e. that these two user
accounts don't exist.

Sounds like I need to repair the SAM on my BDC.

I appreciate your suggestions.

Jim


"Jim Walsh" <jwalshREM@OVEXXtuspm.temple.edu> wrote in message
news:o fZGt6LIEHA.2252@TK2MSFTNGP10.phx.gbl...
> I've done a lot of searching, including MS Knowledgebase & GOOGLE groups
> searches for information about the following error to no avail. I hope
> someone here can help....
>
> I have a primary domain controller and one backup domain controller in a
> network with around 20 computers total. Both are running Window NT 4.0
sp6.
> This arrangement has been working for several years. The problem has
> appeared only in the last month or so.
>
> The system event log on the BDC contains a series of messages that repeat
> about every 5 minutes. The first message has Event ID=5716 with the
> following Description: "The partial synchronization replication of the SAM
> database from the primary domain controller <Our PDC name> failed with the
> following error: The specified user does not exist".
>
> This is then followed by EventID 5732: "Replication of the SAM User <one
of
> my user accounts here> from primary domain controller <the PDC mentioned
> above> failed with the following error: The specified user does not
exist."
> This message is repeated 8 times.
>
> This is then followed by another Event ID 5732 for another user account.
> That message appears just once.
>
> Finally, this is followed by a repeat of the earlier EventID 5716.
>
> I ran GETSID for these two accounts, and I get messages that these
accounts
> can't be found on the server that is the BDC.Both accounts are listed in
the
> User manager for domains. And changes made to these accounts in the User
> manager, e.g. giving them membership in additional groups, proceeds
without
> errors. And, these changes are correctly reflected on the PDC.
>
> Attempts to log on to the BDC using these accounts also fail.
>
> Thanks for your help in solving this problem.
>
> Jim
>
>
Anonymous
April 12, 2004 7:28:26 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

You could look for LSA corruption:

Recovering from Minor LSA Corruption
http://support.microsoft.com/default.aspx?scid=kb;en-us;199071

If that doesn't work try deleting the netlogon.chg
file. As a last resort you can delete the SAM on
the BDC and reboot, a new one will be replicated
from the PDC.

"Jim Walsh" <jwalshREM@OVEXXtuspm.temple.edu> wrote in message
> Additional information:
>
> I have tried running nltest /sync /server: <BDC_name> to force a full
> synchronization but this apparently fails as well. The event log shows
that
> replication of LSA & BuiltIn accounts succeeds, but that replication
of the
> SAM database fails with the same error as before, i.e. that these two
user
> accounts don't exist.
>
> Sounds like I need to repair the SAM on my BDC.
>
> I appreciate your suggestions.
Related resources
Anonymous
April 12, 2004 8:16:17 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Michael,

Thanks for your quick reply.

It seems to me that your last suggestion is the appropriate one for me
because:

1. The event viewer on the BDC says that LSA database and BuiltIn accounts
have been replicated successfully. The error seems to be in the attempt to
replicate the SAM.

2. I would expect that Full synchronization would bypass the netlogon.chg
file.

But, how do I delete the SAM file on the BDC? When I attempt to do that, it
says a sharing violation; it is in use.

Thanks again for your help.

Jim


"Michael Giorgio - MS MVP" <Michael.Giorgio@NoSpam.mayerson.com> wrote in
message news:eqqubSMIEHA.2376@TK2MSFTNGP12.phx.gbl...
> You could look for LSA corruption:
>
> Recovering from Minor LSA Corruption
> http://support.microsoft.com/default.aspx?scid=kb;en-us;199071
>
> If that doesn't work try deleting the netlogon.chg
> file. As a last resort you can delete the SAM on
> the BDC and reboot, a new one will be replicated
> from the PDC.
>
> "Jim Walsh" <jwalshREM@OVEXXtuspm.temple.edu> wrote in message
> > Additional information:
> >
> > I have tried running nltest /sync /server: <BDC_name> to force a full
> > synchronization but this apparently fails as well. The event log shows
> that
> > replication of LSA & BuiltIn accounts succeeds, but that replication
> of the
> > SAM database fails with the same error as before, i.e. that these two
> user
> > accounts don't exist.
> >
> > Sounds like I need to repair the SAM on my BDC.
> >
> > I appreciate your suggestions.
>
>
Anonymous
April 12, 2004 8:21:59 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

An easy method is to use a W2k boot disk and boot
to c prompt then run: cd\winnt\system32\config. You
should see the following:

C:\WINNT\system32\config
next run: del sam

"Jim Walsh" <jwalshREM@OVEXXtuspm.temple.edu> wrote in message
> Thanks for your quick reply.
>
> It seems to me that your last suggestion is the appropriate one for me
> because:
>
> 1. The event viewer on the BDC says that LSA database and BuiltIn
accounts
> have been replicated successfully. The error seems to be in the
attempt to
> replicate the SAM.
>
> 2. I would expect that Full synchronization would bypass the
netlogon.chg
> file.
>
> But, how do I delete the SAM file on the BDC? When I attempt to do
that, it
> says a sharing violation; it is in use.
Anonymous
April 23, 2004 11:33:47 AM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

You'll need to either boot a W2k disk into DOS and
delete the file or move the HD to a slave on another
NT system.

"Jim Walsh" <jwalshREM@OVEXXtuspm.temple.edu> wrote in message
> Michael,
>
> Thanks for your quick reply.
>
> It seems to me that your last suggestion is the appropriate one for me
> because:
>
> 1. The event viewer on the BDC says that LSA database and BuiltIn accounts
> have been replicated successfully. The error seems to be in the attempt to
> replicate the SAM.
>
> 2. I would expect that Full synchronization would bypass the netlogon.chg
> file.
>
> But, how do I delete the SAM file on the BDC? When I attempt to do that,
it
> says a sharing violation; it is in use.
>
!