Sign in with
Sign up | Sign in
Your question

Trust Relationship NT4W2k3

Tags:
  • Domain
  • Microsoft
  • Windows
Last response: in Windows 2000/NT
Share
July 7, 2004 10:15:49 AM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

I have a Child Domain W2k3 and an NT4 Domain with a trust
relationship (Two Way trust).
The trust has been established without problem but when I
use UserManager NT4 from PDC NT4 and I add a member of
domain W2k3 to a NT4 Local Group, the member appear
with: "?"Unknow Account.

I already update LMHOSTS file on PDC NT4 with syntax:

@IP PDCNAME #PRE #DOM:D OMAIN-NAME
@IP "DOMAIN-NAME \0x1b" #PRE

When I verify Trust from DC W2k3, it's OK.
I don't have problem for browse Domain Account User W2k3
from PDC NT4.
I don't have problem from domain W2k3 for add NT4 Domain
User to W2k3 Local Group

Has anybody any ideas ?

More about : trust relationship nt4w2k3

Anonymous
July 7, 2004 1:52:37 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Hi Cedric,

Open a dos prompt and run nbtstat -R then
nbtstat -c and verify the domain name 1b
and 1c netbios names are in the cache.

"cedric" <anonymous@discussions.microsoft.com> wrote in message news:
> I have a Child Domain W2k3 and an NT4 Domain with a trust
> relationship (Two Way trust).
> The trust has been established without problem but when I
> use UserManager NT4 from PDC NT4 and I add a member of
> domain W2k3 to a NT4 Local Group, the member appear
> with: "?"Unknow Account.
>
> I already update LMHOSTS file on PDC NT4 with syntax:
>
> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
> @IP "DOMAIN-NAME \0x1b" #PRE
>
> When I verify Trust from DC W2k3, it's OK.
> I don't have problem for browse Domain Account User W2k3
> from PDC NT4.
> I don't have problem from domain W2k3 for add NT4 Domain
> User to W2k3 Local Group
>
> Has anybody any ideas ?
July 7, 2004 1:52:38 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Hi Michael,

Domain name 1b and 1c are correctly in the cache.

>-----Original Message-----
>Hi Cedric,
>
>Open a dos prompt and run nbtstat -R then
>nbtstat -c and verify the domain name 1b
>and 1c netbios names are in the cache.
>
>"cedric" <anonymous@discussions.microsoft.com> wrote in
message news:
>> I have a Child Domain W2k3 and an NT4 Domain with a
trust
>> relationship (Two Way trust).
>> The trust has been established without problem but when
I
>> use UserManager NT4 from PDC NT4 and I add a member of
>> domain W2k3 to a NT4 Local Group, the member appear
>> with: "?"Unknow Account.
>>
>> I already update LMHOSTS file on PDC NT4 with syntax:
>>
>> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
>> @IP "DOMAIN-NAME \0x1b" #PRE
>>
>> When I verify Trust from DC W2k3, it's OK.
>> I don't have problem for browse Domain Account User W2k3
>> from PDC NT4.
>> I don't have problem from domain W2k3 for add NT4 Domain
>> User to W2k3 Local Group
>>
>> Has anybody any ideas ?
>
>
>.
>
Related resources
Anonymous
July 7, 2004 2:56:25 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Can you map to a share on the Wk3 DC
from the NT4.0 PDC successfully? If not
what is the exact error?

"Cedric" <anonymous@discussions.microsoft.com> wrote in message news:
> Hi Michael,
>
> Domain name 1b and 1c are correctly in the cache.
>
> >-----Original Message-----
> >Hi Cedric,
> >
> >Open a dos prompt and run nbtstat -R then
> >nbtstat -c and verify the domain name 1b
> >and 1c netbios names are in the cache.
> >
> >"cedric" <anonymous@discussions.microsoft.com> wrote in
> message news:
> >> I have a Child Domain W2k3 and an NT4 Domain with a
> trust
> >> relationship (Two Way trust).
> >> The trust has been established without problem but when
> I
> >> use UserManager NT4 from PDC NT4 and I add a member of
> >> domain W2k3 to a NT4 Local Group, the member appear
> >> with: "?"Unknow Account.
> >>
> >> I already update LMHOSTS file on PDC NT4 with syntax:
> >>
> >> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
> >> @IP "DOMAIN-NAME \0x1b" #PRE
> >>
> >> When I verify Trust from DC W2k3, it's OK.
> >> I don't have problem for browse Domain Account User W2k3
> >> from PDC NT4.
> >> I don't have problem from domain W2k3 for add NT4 Domain
> >> User to W2k3 Local Group
> >>
> >> Has anybody any ideas ?
> >
> >
> >.
> >
July 7, 2004 2:56:26 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Yes, I can map the share \\PDCW2k3\Sysvol with sucess.

>-----Original Message-----
>Can you map to a share on the Wk3 DC
>from the NT4.0 PDC successfully? If not
>what is the exact error?
>
>"Cedric" <anonymous@discussions.microsoft.com> wrote in
message news:
>> Hi Michael,
>>
>> Domain name 1b and 1c are correctly in the cache.
>>
>> >-----Original Message-----
>> >Hi Cedric,
>> >
>> >Open a dos prompt and run nbtstat -R then
>> >nbtstat -c and verify the domain name 1b
>> >and 1c netbios names are in the cache.
>> >
>> >"cedric" <anonymous@discussions.microsoft.com> wrote in
>> message news:
>> >> I have a Child Domain W2k3 and an NT4 Domain with a
>> trust
>> >> relationship (Two Way trust).
>> >> The trust has been established without problem but
when
>> I
>> >> use UserManager NT4 from PDC NT4 and I add a member
of
>> >> domain W2k3 to a NT4 Local Group, the member appear
>> >> with: "?"Unknow Account.
>> >>
>> >> I already update LMHOSTS file on PDC NT4 with syntax:
>> >>
>> >> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
>> >> @IP "DOMAIN-NAME \0x1b" #PRE
>> >>
>> >> When I verify Trust from DC W2k3, it's OK.
>> >> I don't have problem for browse Domain Account User
W2k3
>> >> from PDC NT4.
>> >> I don't have problem from domain W2k3 for add NT4
Domain
>> >> User to W2k3 Local Group
>> >>
>> >> Has anybody any ideas ?
>> >
>> >
>> >.
>> >
>
>
>.
>
July 7, 2004 4:50:04 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Somebody give me answer:

I have enable "anonymous name/sid translation" in my DC
GPO. Now I can visualize W2k3 account member in NT4 Local
Group.
But I have a second problem now: I can't access share
ressource NT4 from domain W2k3 by use an account w2k3. I
have "access denied".
I have create local group on Domain NT4 and insert W2k3
account inside. I paid attention to permission share and
NTFS permission.



>-----Original Message-----
>Yes, I can map the share \\PDCW2k3\Sysvol with sucess.
>
>>-----Original Message-----
>>Can you map to a share on the Wk3 DC
>>from the NT4.0 PDC successfully? If not
>>what is the exact error?
>>
>>"Cedric" <anonymous@discussions.microsoft.com> wrote in
>message news:
>>> Hi Michael,
>>>
>>> Domain name 1b and 1c are correctly in the cache.
>>>
>>> >-----Original Message-----
>>> >Hi Cedric,
>>> >
>>> >Open a dos prompt and run nbtstat -R then
>>> >nbtstat -c and verify the domain name 1b
>>> >and 1c netbios names are in the cache.
>>> >
>>> >"cedric" <anonymous@discussions.microsoft.com> wrote
in
>>> message news:
>>> >> I have a Child Domain W2k3 and an NT4 Domain with a
>>> trust
>>> >> relationship (Two Way trust).
>>> >> The trust has been established without problem but
>when
>>> I
>>> >> use UserManager NT4 from PDC NT4 and I add a
member
>of
>>> >> domain W2k3 to a NT4 Local Group, the member appear
>>> >> with: "?"Unknow Account.
>>> >>
>>> >> I already update LMHOSTS file on PDC NT4 with
syntax:
>>> >>
>>> >> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
>>> >> @IP "DOMAIN-NAME \0x1b" #PRE
>>> >>
>>> >> When I verify Trust from DC W2k3, it's OK.
>>> >> I don't have problem for browse Domain Account
User
>W2k3
>>> >> from PDC NT4.
>>> >> I don't have problem from domain W2k3 for add NT4
>Domain
>>> >> User to W2k3 Local Group
>>> >>
>>> >> Has anybody any ideas ?
>>> >
>>> >
>>> >.
>>> >
>>
>>
>>.
>>
>.
>
Anonymous
July 7, 2004 8:08:24 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Check the restrictanonymous setting on the
W2k3 machine.

How to Use the RestrictAnonymous Registry Value in Windows 2000
http://support.microsoft.com/default.aspx?scid=kb;en-us;246261

"cedric" <anonymous@discussions.microsoft.com> wrote in message
> Somebody give me answer:
>
> I have enable "anonymous name/sid translation" in my DC
> GPO. Now I can visualize W2k3 account member in NT4 Local
> Group.
> But I have a second problem now: I can't access share
> ressource NT4 from domain W2k3 by use an account w2k3. I
> have "access denied".
> I have create local group on Domain NT4 and insert W2k3
> account inside. I paid attention to permission share and
> NTFS permission.
>
>
>
> >-----Original Message-----
> >Yes, I can map the share \\PDCW2k3\Sysvol with sucess.
> >
> >>-----Original Message-----
> >>Can you map to a share on the Wk3 DC
> >>from the NT4.0 PDC successfully? If not
> >>what is the exact error?
> >>
> >>"Cedric" <anonymous@discussions.microsoft.com> wrote in
> >message news:
> >>> Hi Michael,
> >>>
> >>> Domain name 1b and 1c are correctly in the cache.
> >>>
> >>> >-----Original Message-----
> >>> >Hi Cedric,
> >>> >
> >>> >Open a dos prompt and run nbtstat -R then
> >>> >nbtstat -c and verify the domain name 1b
> >>> >and 1c netbios names are in the cache.
> >>> >
> >>> >"cedric" <anonymous@discussions.microsoft.com> wrote
> in
> >>> message news:
> >>> >> I have a Child Domain W2k3 and an NT4 Domain with a
> >>> trust
> >>> >> relationship (Two Way trust).
> >>> >> The trust has been established without problem but
> >when
> >>> I
> >>> >> use UserManager NT4 from PDC NT4 and I add a
> member
> >of
> >>> >> domain W2k3 to a NT4 Local Group, the member appear
> >>> >> with: "?"Unknow Account.
> >>> >>
> >>> >> I already update LMHOSTS file on PDC NT4 with
> syntax:
> >>> >>
> >>> >> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
> >>> >> @IP "DOMAIN-NAME \0x1b" #PRE
> >>> >>
> >>> >> When I verify Trust from DC W2k3, it's OK.
> >>> >> I don't have problem for browse Domain Account
> User
> >W2k3
> >>> >> from PDC NT4.
> >>> >> I don't have problem from domain W2k3 for add NT4
> >Domain
> >>> >> User to W2k3 Local Group
> >>> >>
> >>> >> Has anybody any ideas ?
> >>> >
> >>> >
> >>> >.
> >>> >
> >>
> >>
> >>.
> >>
> >.
> >
July 7, 2004 8:08:25 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

That's right...I was constrained to disable Anonymous
enumerate of SAM Account by applying GPO on DC.
Now it's good.

Thanks...

Cedric.

>-----Original Message-----
>Check the restrictanonymous setting on the
>W2k3 machine.
>
>How to Use the RestrictAnonymous Registry Value in
Windows 2000
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;246261
>
>"cedric" <anonymous@discussions.microsoft.com> wrote in
message
>> Somebody give me answer:
>>
>> I have enable "anonymous name/sid translation" in my DC
>> GPO. Now I can visualize W2k3 account member in NT4
Local
>> Group.
>> But I have a second problem now: I can't access share
>> ressource NT4 from domain W2k3 by use an account w2k3.
I
>> have "access denied".
>> I have create local group on Domain NT4 and insert W2k3
>> account inside. I paid attention to permission share
and
>> NTFS permission.
>>
>>
>>
>> >-----Original Message-----
>> >Yes, I can map the share \\PDCW2k3\Sysvol with sucess.
>> >
>> >>-----Original Message-----
>> >>Can you map to a share on the Wk3 DC
>> >>from the NT4.0 PDC successfully? If not
>> >>what is the exact error?
>> >>
>> >>"Cedric" <anonymous@discussions.microsoft.com> wrote
in
>> >message news:
>> >>> Hi Michael,
>> >>>
>> >>> Domain name 1b and 1c are correctly in the cache.
>> >>>
>> >>> >-----Original Message-----
>> >>> >Hi Cedric,
>> >>> >
>> >>> >Open a dos prompt and run nbtstat -R then
>> >>> >nbtstat -c and verify the domain name 1b
>> >>> >and 1c netbios names are in the cache.
>> >>> >
>> >>> >"cedric" <anonymous@discussions.microsoft.com>
wrote
>> in
>> >>> message news:
>> >>> >> I have a Child Domain W2k3 and an NT4 Domain
with a
>> >>> trust
>> >>> >> relationship (Two Way trust).
>> >>> >> The trust has been established without problem
but
>> >when
>> >>> I
>> >>> >> use UserManager NT4 from PDC NT4 and I add a
>> member
>> >of
>> >>> >> domain W2k3 to a NT4 Local Group, the member
appear
>> >>> >> with: "?"Unknow Account.
>> >>> >>
>> >>> >> I already update LMHOSTS file on PDC NT4 with
>> syntax:
>> >>> >>
>> >>> >> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
>> >>> >> @IP "DOMAIN-NAME \0x1b" #PRE
>> >>> >>
>> >>> >> When I verify Trust from DC W2k3, it's OK.
>> >>> >> I don't have problem for browse Domain Account
>> User
>> >W2k3
>> >>> >> from PDC NT4.
>> >>> >> I don't have problem from domain W2k3 for add
NT4
>> >Domain
>> >>> >> User to W2k3 Local Group
>> >>> >>
>> >>> >> Has anybody any ideas ?
>> >>> >
>> >>> >
>> >>> >.
>> >>> >
>> >>
>> >>
>> >>.
>> >>
>> >.
>> >
>
>
>.
>
Anonymous
July 8, 2004 1:51:48 PM

Archived from groups: microsoft.public.windowsnt.domain (More info?)

Your welcome.

"cedric" <anonymous@discussions.microsoft.com> wrote in message
news:2881101c4646d$d8e25160$a501280a@phx.gbl...
> That's right...I was constrained to disable Anonymous
> enumerate of SAM Account by applying GPO on DC.
> Now it's good.
>
> Thanks...
>
> Cedric.
>
> >-----Original Message-----
> >Check the restrictanonymous setting on the
> >W2k3 machine.
> >
> >How to Use the RestrictAnonymous Registry Value in
> Windows 2000
> >http://support.microsoft.com/default.aspx?scid=kb;en-
> us;246261
> >
> >"cedric" <anonymous@discussions.microsoft.com> wrote in
> message
> >> Somebody give me answer:
> >>
> >> I have enable "anonymous name/sid translation" in my DC
> >> GPO. Now I can visualize W2k3 account member in NT4
> Local
> >> Group.
> >> But I have a second problem now: I can't access share
> >> ressource NT4 from domain W2k3 by use an account w2k3.
> I
> >> have "access denied".
> >> I have create local group on Domain NT4 and insert W2k3
> >> account inside. I paid attention to permission share
> and
> >> NTFS permission.
> >>
> >>
> >>
> >> >-----Original Message-----
> >> >Yes, I can map the share \\PDCW2k3\Sysvol with sucess.
> >> >
> >> >>-----Original Message-----
> >> >>Can you map to a share on the Wk3 DC
> >> >>from the NT4.0 PDC successfully? If not
> >> >>what is the exact error?
> >> >>
> >> >>"Cedric" <anonymous@discussions.microsoft.com> wrote
> in
> >> >message news:
> >> >>> Hi Michael,
> >> >>>
> >> >>> Domain name 1b and 1c are correctly in the cache.
> >> >>>
> >> >>> >-----Original Message-----
> >> >>> >Hi Cedric,
> >> >>> >
> >> >>> >Open a dos prompt and run nbtstat -R then
> >> >>> >nbtstat -c and verify the domain name 1b
> >> >>> >and 1c netbios names are in the cache.
> >> >>> >
> >> >>> >"cedric" <anonymous@discussions.microsoft.com>
> wrote
> >> in
> >> >>> message news:
> >> >>> >> I have a Child Domain W2k3 and an NT4 Domain
> with a
> >> >>> trust
> >> >>> >> relationship (Two Way trust).
> >> >>> >> The trust has been established without problem
> but
> >> >when
> >> >>> I
> >> >>> >> use UserManager NT4 from PDC NT4 and I add a
> >> member
> >> >of
> >> >>> >> domain W2k3 to a NT4 Local Group, the member
> appear
> >> >>> >> with: "?"Unknow Account.
> >> >>> >>
> >> >>> >> I already update LMHOSTS file on PDC NT4 with
> >> syntax:
> >> >>> >>
> >> >>> >> @IP PDCNAME #PRE #DOM:D OMAIN-NAME
> >> >>> >> @IP "DOMAIN-NAME \0x1b" #PRE
> >> >>> >>
> >> >>> >> When I verify Trust from DC W2k3, it's OK.
> >> >>> >> I don't have problem for browse Domain Account
> >> User
> >> >W2k3
> >> >>> >> from PDC NT4.
> >> >>> >> I don't have problem from domain W2k3 for add
> NT4
> >> >Domain
> >> >>> >> User to W2k3 Local Group
> >> >>> >>
> >> >>> >> Has anybody any ideas ?
> >> >>> >
> >> >>> >
> >> >>> >.
> >> >>> >
> >> >>
> >> >>
> >> >>.
> >> >>
> >> >.
> >> >
> >
> >
> >.
> >
!