RE: Trust relationship betwen Win2003 & WinNT 4.0 Server
- From: esanborn <esanborn@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 1 Aug 2006 11:46:02 -0700
Thanks. I am able to ping the new Win2003 domain from the NT4.0 PDC but
not the other way around. The Win2003 DC cannot ping the old NT4.0 domain.
Would this be a problem with the lmhosts file on the NT4.0 PDCor the Win2003
DC?
Thanks,
Ed
(978) 210-9855
"-Train-" wrote:
I have tackled this problem on numerous occasions. There are a few things.
that need to be in place for trusts to work correctly. I'm sure you have
read all the information on this but I will drop a few highlights.
1. Make sure both domain controllers are using the same WINS server AND/OR
make sure they both have lmhosts files that resolve to each other. The 2003
server would be fine without NETBIOS naming but the NT box won't set up a
trust without it. The lmhosts file should have a Domain entry and 1B record
for the server on the opposite end of the trust. Here is a link on the issue:
http://support.microsoft.com/kb/889030/en-us
Scroll down to Method one -> Step one
2. I also added the NT Domain controller in to my 2003 DNS in order to
verify it would resolve no matter which way it tried. (Probably not needed
but I did it anyway.)
3. Make sure the "Restrict Anonymous" is set correctly on the Windows 2003
Server. There is information at this link:
http://support.microsoft.com/kb/178640/
These top three highlights are the usual suspects for broken trusts. We
have 20 different domains in my organization and have encountered all sorts
of problems similiar to yours. Let me know if you've tried all these and I
will look through my notes a little.
-Train-
"esanborn" wrote:
I am attempting to migrate from WinNT 4.0 domain to Win2003. I am also trying
to change domain names while doing this. I am trying to setup a trust
relationship between the 2 domains so that I can migrate services. I am
getting the following error when trying to setup the 2-way trust between new
Win2003 DC and existing WinNT 4.0 PDC:
"The name you specified is not a valid Windows domain.."
I am assuming that I need to do some more work in setting up NETBIOS name
resolution on the Win2003 DC to be able to see the WinNT 4.0 domain.
I see old references to this but I am still having trouble. I have read the
MS KB articles on the subject. ANy help would be appreciated.
Thanks,
Ed
- Follow-Ups:
- RE: Trust relationship betwen Win2003 & WinNT 4.0 Server
- From: -Train-
- RE: Trust relationship betwen Win2003 & WinNT 4.0 Server
- Prev by Date: Re: Why adding secondary IP to NIC of DNS servers failed ?
- Next by Date: Re: Why adding secondary IP to NIC of DNS servers failed ?
- Previous by thread: RE: Trust relationship betwen Win2003 & WinNT 4.0 Server
- Next by thread: RE: Trust relationship betwen Win2003 & WinNT 4.0 Server
- Index(es):
Relevant Pages
|
