Windows NT Domain Controller Synchronization fails - recovering from LSA corruption

  • Section(s): Network
  • Published on Apr 20, 2004.
  • Last Modified on Apr 20, 2004.
  • Last Modified by Wayne Maples.
If you see Windows NT event ID 5714

The full synchronization request from the server "bdc" failed with the following error: error text

on the primary domain controller (PDC), or event ID 5716

The partial synchronization replication of the SAM database from the primary domain controller name failed with the following error: Cannot perform this operation on built-in accounts

on one or more backup domain controllers (BDCs), replication of the LSA database has failed. KB article Q199071 describes how to find and delete the corrupted LSA secret manually, or how to use the checked version of netlogon.dll to detect the corrupted secret in the LSA.

Once you have corrected the BDC problems, force a domain synchronization from the command line:

net accounts /sync

This is equivalent to selecting Synchronize with Primary Domain Controller for the BDC in Server Manager.
