Re: NT4 Client in W2K3 AD migrated / SID
From: Joe Wu [MSFT] (joewu_at_online.microsoft.com)
Date: 03/09/04
- Next message: Pauly: "NT4 Member Servers in Native Mode"
- Previous message: Joe Wu [MSFT]: "Re: NT4 Client in W2K3 AD migrated / SID"
- In reply to: Thorsten Schmitt: "Re: NT4 Client in W2K3 AD migrated / SID"
- Next in thread: Joe Wu [MSFT]: "Re: NT4 Client in W2K3 AD migrated / SID"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 09 Mar 2004 14:35:16 GMT
Hello Thorsten,
Thank you for your post.
I just want to let you know that I have replied you in the original thread
and would like to suggest that we follow up this issue in that thread to
make the process clear. Thanks and have a great day!
Regards,
Joe Wu
Product Support Services
Microsoft Corporation
Get Secure! - www.microsoft.com/security
====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
|From: "Thorsten Schmitt" <NO_SPAM_thorsten.schmitt@realtech.de>
|References: <eMx9b$NBEHA.2888@TK2MSFTNGP09.phx.gbl>
<$nLW6JRBEHA.612@cpmsftngxa06.phx.gbl>
<u8iZkBSBEHA.1600@tk2msftngp13.phx.gbl>
<TuG5GUUBEHA.616@cpmsftngxa06.phx.gbl>
|Subject: Re: NT4 Client in W2K3 AD migrated / SID
|Date: Tue, 9 Mar 2004 09:48:00 +0100
|Lines: 248
|X-Priority: 3
|X-MSMail-Priority: Normal
|X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
|X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
|Message-ID: <#VAm8MbBEHA.3064@tk2msftngp13.phx.gbl>
|Newsgroups: microsoft.public.windows.server.migration
|NNTP-Posting-Host: rt-lan.realtech.de 195.234.216.68
|Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
|Xref: cpmsftngxa06.phx.gbl microsoft.public.windows.server.migration:8591
|X-Tomcat-NG: microsoft.public.windows.server.migration
|
|Hi,
|
|here are the results from NLTest
|
|C:\>nltest /server:(W2k3_new_DC) /sc_query:(old_NT4_name)
|
|Flags: 0
|
|Trusted DC Name \\(NT4_BDC)
|
|Trusted DC Connection Status Status = 0 0x0 NERR_Success
|
|The command completed successfully
|
|
|
|
|
|C:\>nltest /server:(old_NT4_PDC) /sc_query:(new_W2k3_Domain_name)
|
|Flags: 0
|
|Connection Status = 0 0x0 NERR_Success
|
|Trusted DC Name \\(new_w2k3_DC)
|
|Trusted DC Connection Status Status = 0 0x0 NERR_Success
|
|The command completed successfully
|
|
|
|
|
|In the logfiles of both domains aren't any hints for problems.
|
|
|
|Do you have any idea?
|
|
|
|Thanks and regards
|
|Thorsten Schmitt
|
|
|
|
|
|
|
|
|
|
|
|"Joe Wu [MSFT]" <joewu@online.microsoft.com> wrote in message
|news:TuG5GUUBEHA.616@cpmsftngxa06.phx.gbl...
|> Hello Thorsten,
|>
|> Thank you for your reply. I will be standing by for your update. Thanks
|and
|> have a great day!
|>
|> Regards,
|> Joe Wu
|> Product Support Services
|> Microsoft Corporation
|>
|> Get Secure! - www.microsoft.com/security
|>
|> ====================================================
|> When responding to posts, please "Reply to Group" via your newsreader so
|> that others may learn and benefit from your issue.
|> ====================================================
|> This posting is provided "AS IS" with no warranties, and confers no
|rights.
|>
|> --------------------
|> |From: "Thorsten Schmitt" <NO_SPAM_thorsten.schmitt@realtech.de>
|> |References: <eMx9b$NBEHA.2888@TK2MSFTNGP09.phx.gbl>
|> <$nLW6JRBEHA.612@cpmsftngxa06.phx.gbl>
|> |Subject: Re: NT4 Client in W2K3 AD migrated / SID
|> |Date: Mon, 8 Mar 2004 16:16:50 +0100
|> |Lines: 136
|> |X-Priority: 3
|> |X-MSMail-Priority: Normal
|> |X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
|> |X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
|> |Message-ID: <u8iZkBSBEHA.1600@tk2msftngp13.phx.gbl>
|> |Newsgroups: microsoft.public.windows.server.migration
|> |NNTP-Posting-Host: rt-lan.realtech.de 195.234.216.68
|> |Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
|> |Xref: cpmsftngxa06.phx.gbl
microsoft.public.windows.server.migration:8576
|> |X-Tomcat-NG: microsoft.public.windows.server.migration
|> |
|> |Hi,
|> |
|> |thank you for your answer.
|> |I try to answer your questions as far as I can, the problem exist on
|> |customer side, I'll get "hands on" on wednesday.
|> |
|> |> 1. What accounts are there in the ACLs? Are these accounts of the old
|> |> domain?
|> |
|> |ACL from both domains for soft migration to allow Users from both
domains
|> to
|> |access data.
|> |
|> |> 2. The old domain's DCs must be available to convert the SIDs to the
|> |> account names. Please verify if the trust is broken by running the
|> |> following command on the DC of the current domain:
|> |
|> |The old domain is still in high productive environment, the productive
|> |migration will be the coming weekend, so the problem occured on
|testclients
|> |that are configured like the productive clients and server.
|> |
|> |> net use \\DCinOtherDomain\IPC$ /User:OtherDomain\UserAccount *
|> |
|> |Access to shares in both domain works without problems with accounts
from
|> |both accounts, although the acl cannot be displayed, they work without
|> |problems. It only seem to be a problem of the view?!
|> |
|> |> nltest /SERVER:<ServerName> /SC_QUERY:<DomainName>
|> |Will be tested soon.
|> |
|> |> 3. Can you add another account from the old domain to these folder's
|> ACLs?
|> |> Can they be displayed correctly?
|> |When I add a new group or user, its displaye correctly, until I reopen
|the
|> |ACL dialog box, then I also see only the SID.
|> |
|> |> 5. How did you migrate the NT workstations to the new domain?
|> |With ADMT 2.0 with the option to translate the ACL.
|> |
|> |
|> |
|> |Thanks for any help
|> |Regards
|> |Thorsten Schmitt
|> |
|> |
|> |
|> |
|> |"Joe Wu [MSFT]" <joewu@online.microsoft.com> wrote in message
|> |news:$nLW6JRBEHA.612@cpmsftngxa06.phx.gbl...
|> |> Hello Thorsten,
|> |>
|> |> Thank you for your post.
|> |>
|> |> My name is Joe Wu, and it is my pleasure to work with you on this
|issue.
|> |>
|> |> May I know the following?
|> |>
|> |> 1. What accounts are there in the ACLs? Are these accounts of the old
|> |> domain?
|> |>
|> |> 2. The old domain's DCs must be available to convert the SIDs to the
|> |> account names. Please verify if the trust is broken by running the
|> |> following command on the DC of the current domain:
|> |>
|> |> net use \\DCinOtherDomain\IPC$ /User:OtherDomain\UserAccount *
|> |>
|> |> nltest /SERVER:<ServerName> /SC_QUERY:<DomainName>
|> |>
|> |> Note: The nltest tool is from Windows Server 2003 Support Tools.
|> |>
|> |> Please let me know the results.
|> |>
|> |> 3. Can you add another account from the old domain to these folder's
|> ACLs?
|> |> Can they be displayed correctly?
|> |>
|> |> 4. Please check the event logs on DC of each domain to see if there
are
|> |> related errors.
|> |>
|> |> 5. How did you migrate the NT workstations to the new domain?
|> |>
|> |> If you have any questions or concerns, please do not hesitate to let
me
|> |> know. I am standing by to help you. Thank you for your time and
|> |cooperation!
|> |>
|> |> Regards,
|> |> Joe Wu
|> |> Product Support Services
|> |> Microsoft Corporation
|> |>
|> |> Get Secure! - www.microsoft.com/security
|> |>
|> |> ====================================================
|> |> When responding to posts, please "Reply to Group" via your newsreader
|so
|> |> that others may learn and benefit from your issue.
|> |> ====================================================
|> |> This posting is provided "AS IS" with no warranties, and confers no
|> |rights.
|> |>
|> |> --------------------
|> |> |From: "Thorsten Schmitt" <NO_SPAM_thorsten.schmitt@realtech.de>
|> |> |Subject: NT4 Client in W2K3 AD migrated / SID
|> |> |Date: Mon, 8 Mar 2004 08:34:52 +0100
|> |> |Lines: 16
|> |> |X-Priority: 3
|> |> |X-MSMail-Priority: Normal
|> |> |X-Newsreader: Microsoft Outlook Express 6.00.2800.1158
|> |> |X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
|> |> |Message-ID: <eMx9b$NBEHA.2888@TK2MSFTNGP09.phx.gbl>
|> |> |Newsgroups: microsoft.public.windows.server.migration
|> |> |NNTP-Posting-Host: rt-lan.realtech.de 195.234.216.68
|> |> |Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP09.phx.gbl
|> |> |Xref: cpmsftngxa06.phx.gbl
|> microsoft.public.windows.server.migration:8565
|> |> |X-Tomcat-NG: microsoft.public.windows.server.migration
|> |> |
|> |> |Hi,
|> |> |
|> |> |I've migrated some NT4 Workstations and Server into a new W2k3 Active
|> |> |Directory (will soon be productive) for testing purposes. After the
|> |> |migration I cannot resolve any SID in ACL or Share permissions,
|neither
|> |> from
|> |> |the old domain nor the new domain. Networking settings are all
|> correctly,
|> |> |domain controllers and clients are in WINS and DNS withou any
|problems.
|> |> Also
|> |> |any name resolution works without problems. SID2User can resolve the
|SID
|> |> |without problems. The problem occurs on any migrated NT4 client, I
|> |couldn't
|> |> |test it on W2K or XP but it's important to work on the NT4 clients.
|> |> |Any ideas?
|> |> |
|> |> |Thanks and Regards
|> |> |Thorsten Schmitt
|> |> |
|> |> |
|> |> |
|> |>
|> |
|> |
|> |
|>
|
|
|
- Next message: Pauly: "NT4 Member Servers in Native Mode"
- Previous message: Joe Wu [MSFT]: "Re: NT4 Client in W2K3 AD migrated / SID"
- In reply to: Thorsten Schmitt: "Re: NT4 Client in W2K3 AD migrated / SID"
- Next in thread: Joe Wu [MSFT]: "Re: NT4 Client in W2K3 AD migrated / SID"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
