LDS service startup fails after you manually change msDS-Behavior-Version in Windows Server 2019

Applies to: Windows Server 2019Windows Storage Server 2016

Symptom


In ADSI Edit, you change the msDS-Behavior-Version attribute of the Partitions container to 7 in order to raise the Active Directory (AD) Lightweight Directory Services (LDS) instance functional level to WIN2016.

image.png


After you restart the server or stop the LDS service, the LDS service cannot be started. When you try to manually start the service, the following event errors are logged:


Additionally, you receive the following error message:

image.png

Cause


Manually setting the msDS-Behavior-Version attribute value to 7 on LDS instances is not supported.

Resolution


If the LDS instance contains only one server, you must restore the server from a backup to resolve the issue.

If there are multiple replica servers in that instance (for example, LDSServer1 and LDSServer2), and if one server has not yet been restarted, follow these steps:

  1. If the LDS server on which the service that does not start (for example, LDSServer1) holds the LDS Roles (for example, Schema and Domain Naming FSMO), seize the roles by running ntdsutil:
    image.png
  2. Connect to the configuration partition of the server that still runs the LDS instance (for example, LDSServer2), and then roll back the functionality level version by reverting the msDS-Behavior-Version attribute value.
  3. Run a metadata cleanup of the LDS server ( LDSServer1) by using dsmgmt:

    image.png

  4. Log on to LDSServer1, and uninstall the instance:

    image.png


    image.png

     
  5. Run the "Active Directory Lightweight Directory Services Setup" (C:\Windows\ADAM\adaminstall.exe) on LDSServer1 to install a replica of the existing instance from LDSServer2.