If you manually synchronize from your PDC and the event log on your DBC contains:
Event ID 5722: The session setup from the computer computer name failed to authenticate. Access Denied. Event ID 5718: The full synchronization replication of the SAM database from the primary domain controller PDC name failed with the following error: The specified user does not exist.then your BDC's SAM is corrupted.
To fix the problem, install an alternate copy of Windows NT on your BDC.
NOTE: Only a minimal install is required, but I would upgrade it to your current service pack and retain it for the next problem.
Boot to the alternate install and open a command prompt. Switch to the <Original Install>\System32\Config folder and copy the SAM and SAM.log to a backup folder, just in case.
Delete the original SAM and SAM.log.
Restart your original instance.
Logon to the domain as Administrator, using a blank password.
Set the original instance as the default boot, using Control Panel / System / Startup...
To rebuild the SAM, use Server Manager to select the PDC and click
Synchronize Entire Domain from the Computer menu. Press OK.
