JSI Tip 1801. Synchronization fails with evnets 5718 and 5712?

If you manually synchronize from your PDC and the event log on your DBC contains:

Event ID 5722:The session setup from the computer computer name failed to authenticate. Access Denied.Event ID 5718:The full synchronization replication of the SAM database from the primary domain controller PDC name failed with the following error:The specified user does not exist.

then your BDC's SAM is corrupted.

To fix the problem, install an alternate copy of Windows NT on your BDC.

NOTE: Only a minimal install is required, but I would upgrade it to your current service pack and retain it for the next problem.

Boot to the alternate install and open a command prompt. Switch to the System32Config folder and copy the SAM and SAM.log to a backup folder, just in case.

Delete the original SAM and SAM.log.

Restart your original instance.

Logon to the domain as Administrator, using a blank password.

Set the original instance as the default boot, using Control Panel / System / Startup...

To rebuild the SAM, use Server Manager to select the PDC and click Synchronize Entire Domain from the Computer menu. Press OK.