Windows 2000 domain client cannot connect to server in Windows NT domain

Windows 2000 domain client cannot connect to server in Windows NT domain

Post by Felix D » Thu, 03 Feb 2005 02:18:50


Hi everyone,

This is a problem that I have with a Midas Client to Server connection, but
I think it has to do with inter domain security.

So, my DCOM server is in machine in a Win NT domain. Users in this domain a
other trusted NT domains can run their clients and start the DCOM server
without problems.

The problem arise when any user in a Windows 2000 domain tries to connect to
the server. If the server is not running, the W2000 user can never start the
server. However, if the server is already running, because a Win NT user has
started it, then the Win 2000 user can go ahead.

I had given defaults permissions to Everyone, System, Network, Interactive,
and Creator Owner as I've been told to do, and the server runs under the
Interactive user, but it didn't solve the problem.

The question is: do you know what should I do to enable user in the Win 2000
domain to start the DCOM server in the NT domain?.

The Systems dep. have told me that both domain are trusted domain in each
other.

Thank very much for your time.

Fix Dur
 
 
 

Windows 2000 domain client cannot connect to server in Windows NT domain

Post by Ben Hochst » Thu, 03 Feb 2005 08:19:23


Try - just for kicks - to issue

NET USE \\nt4server\ipc$ [/user:w2kdomain\w2kuser]

from the W2K machine prior to starting the DCOM server.
It may have to do with encrypted passwords and passthrough
authentication. (if that is the case, the w2k machine shouldn't be able
to connect to the nt4 server without offering credentials (as in the
[...] in the example above).

A second problem may arise when the w2k domain user isn't allowed to
start/stop services on an nt4 server (but otherwise may connect without
problems)

What does either machine's event log say?

--
Ben

Mach es wie die Eieruhr - zl die weichen Eier nur!

 
 
 

Windows 2000 domain client cannot connect to server in Windows NT domain

Post by Ben Hochst » Thu, 03 Feb 2005 08:25:58


Before I forget - try to add an entry to the w2k domain controller in the
nt4 server's lmhosts file (c:\winnt\system32\drivers\etc\lmhosts). We had
that problem with a crosswise trusted domain when for some reason the nt4
server was unable to find the w2k domain controller to verify credentials)

http://www.yqcomputer.com/
http://www.yqcomputer.com/

--
Ben
 
 
 

Windows 2000 domain client cannot connect to server in Windows NT domain

Post by Felix D » Thu, 03 Feb 2005 17:53:17

Thanks a lot. I'll try what you told me.


"Ben Hochstrasser" <bhoc@tiscali123^H^H^H.ch> escribien el mensaje

>> >>>> The question is: do you know what should I do to enable user in the >>>> Win 2000 domain to start the DCOM server in the NT domain?. >>>> >>>> The Systems dep. have told me that both domain are trusted domain in >>>> each other. >>>> >>>> Thank very much for your time. >> >> Before I forget - try to add an entry to the w2k domain controller in the >> nt4 server's lmhosts file (c:\winnt\system32\drivers\etc\lmhosts). We had >> that problem with a crosswise trusted domain when for some reason the nt4 >> server was unable to find the w2k domain controller to verify credentials) >> >> http://www.yqcomputer.com/ >> http://www.yqcomputer.com/ >> >> -- >> Ben