If Default Domain Controllers Policy is not working, NT4 can access W2K3?
Maybe you should check Security Settings in DC policy Microsoft Network
Server: Digitaly sign communications (always) and disable it. This setting
might prevent communication between W2K3 servers and systems with older
versions of OS. Which service pack is applied to NT4 system?
Toni
"jrm73" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> Thanks for reading. I have an issue and not sure the root cause. I am
> in the middle of a migration from NT4 to Win 2003 AD. In order to run
> AD migration Tool I need to logon to my 2K3 server with an account the
> has admin rights on each PC. All PC's are still in NT domain so I am
> using NT admin account. This worked fine in the past but I have since
> enabled and configured some group policies to allow local LAN admins to
> logon to AD DC's at already migrated locations. Specifically I added
> their groups to 'Allow log on Locally' and 'Allow logon thru
> terminal services' in Default Domain Controllers Policy. When I
> tried to logon onto the AD server with NT admin account I initially got
> the error saying I couldn't be logged on because the account did not
> have 'Allow logon thru terminal' user right. I since added the NT
> admin account to the Remote Desktop users group as well as gave this
> account 'Allow log on Locally' and 'Allow logon thru terminal
> services' in Default Domain Controllers Policy. After doing that I
> now get error "the system cannot log you on now because the domain
> <domain>is not available." So now I've got a networking issue? My
> AD DC can't find the NT 4 DC, right?
>
> I did the following. Added NT4 DC to lmhost on WIN2K3 DC with hex 1b
> entries. Can ping by name etc but not sure what else to do. This
> worked in the past when the Default DC Policies were NOT configured.
>
> Any ideas? Thanks for any help-
>
|
Similar Threads
Linear Mode
