Skip to main content

How do you create a trust relationship between Windows Server 2003 and Windows NT Server?

To create a trust where the Windows Server 2003-based domain trusts accounts from the Windows NT-based domain, please perform the following steps:
  1. On the Windows Server 2003-based domain controller: Click Start, point to Administrative Tools, and then double-click Active Directory Domains and Trusts.

  2. In the Active Directory Domains and Trusts snap-in, right-click the domain that you want, and then click Properties.

  3. Click the Trusts tab, and then click New Trust.

  4. The New Trust Wizard appears. Click Next to continue.

  5. Type the NetBIOS name of the Windows NT domain for this trust. For example, type supplier01-int, and then click Next.

  6. In the Direction of Trust window, click One-way: Outgoing Users in the specified domain, realm, or forest can be authenticated in this domain.

  7. Click Next, and then click one of the following to select the scope of authentication for users from the Windows NT domain:

    • Allow authentication for all resources in the local domain. Windows authenticates users from the specified domain for all resources in the local domain. This option is preferred when both domains belong to the same organization.

    • Allow authentication only for selected resources in the local domain. Windows does not automatically authenticate users from the specified domain for any resources in the local domain. After you finish this wizard, grant individual access to each server that you want to make available to users in the specified domain. This option is preferred if the domains belong to different organizations.

  8. Click Next, and then type a password for this trust in the Trust password box. You must use the same password when you create this trust relationship in the specified domain. After you create the trust, Active Directory periodically updates the trust password for security purposes. Type the password again in the Confirm trust password box, and then click Next.

  9. Review your settings, and then click Next.

  10. A message similar to the following message appears: Trust relationship created successfully. Specified domain: supplier01-int. Direction: Outgoing: Users in the specified domain can authenticate in the local domain. Trust type: External. Windows will authenticate users from the specified domain for all resources in the local domain. Transitive: No. Sides of trust: Created the trust for this domain only. where supplier01-int is the NetBIOS name of the Windows NT domain for this trust. Click Next, and then click Yes, confirm the incoming trust.

  11. Click Finish to close the wizard, and then click OK to close the domain properties dialog box.

  12. Quit Active Directory Domains and Trusts.

  13. On the Windows NT-based PDC: Click Start, point to Programs, point to Administrative Tools, and then click User Manager for Domains.

  14. On the Policies menu, click Trust Relationships.

  15. Click the Add button that corresponds to the Trusting Domains box. The Add Trusting Domain dialog box appears.

  16. In the Trusting Domain box, type the Windows Server 2003-based domain name without the .com portion of the domain name. For example, if the Windows Server 2003-based domain is Example.com, type Example.

  17. In the Initial Password box, type the same password that you used for the trust on the Windows Server 2003-based domain controller. NOTE: You must use the same trust password on both the domain controller from the trusting and the domain controller from the trusted domain.

  18. Type the password again in the Confirm Password box, make sure that you are currently logged on to both the Windows NT-based domain controller and the Windows Server 2003-based domain controller as an administrator, and then click OK. The Windows Server 2003-based domain is listed in the Trusting Domains list.

  19. In the Trust Relationships dialog box, click Close.
The trust is created. The Windows Server 2003-based domain trusts accounts from the Windows NT-based domain.

http://www.smartnetadmin.com
Labels:

Comments

Post a Comment

Popular posts from this blog

Access Denied (policy_denied). Your system policy has denied access to the requested URL. For assistance, contact your network support team.

While browsing the internet, you may encounter the message: "Access Denied (policy_denied).  Your system policy has denied access to the requested URL.  For assistance, contact your network support team."   This message indicates the internet traffic is being filtered.  The most common source of an internet traffic filter is in corporate environments that use a proxy server or a firewall appliance designed to filter web traffic.  Some businesses are configured as satellite locations using a VPN tunnel.  In these configurations, the VPN may be configured to filter internet traffic.  In rare instances, the Internet Service Provider is filtering internet traffic.  Typically though, your IT Department or a Network Management Team has configured your internet traffic to be filtered.  Isolating Source of Web Filtering In an environment that is unmanaged and the source of the filtering is unknown, following are some steps you may wish to peform: Th...
3 comments
Read more

Event ID: 7001 - Source: VSS - Unable to create a shadow copy

When using Microsoft Windows Server, you may encounter the error message: "Unable to create a shadow copy."  In the Event Viewer, you may find the following Event: "Event ID: 7001 - Source: VSS - Unable to create a shadow copy."  This event involves the Volume Shadow Copy Service (VSS).  Most likely the Server was rebooted while creating a Shadow Copy.  Many websites describe deleting or renaming the C:\WINDOWS\SYSTEM32\WBEM directory used by Windows Management Instrumentation to resolve this issue.  This is not correct.  Following are the steps to resolve this issue: Double-click My Computer. Right-mouse click the Hard Drive causing the problem. Click the Shadow Copies tab. Select the appropriate Volume. Click Disable. Click OK. Click Start - Control Panel - Administrative Tools - Scheduled Tasks. Delete all tasks related to the Volume Shadow Copy Service. Reboot the Server. Double-click My Computer. Right-mouse click the Hard Drive causing the problem. Cl...
Post a Comment
Read more

How do you stop an unstoppable Windows Service?

You may encounter a Windows Service in Services that has the buttons for Start, Stop, Pause and Resume greyed out.  If you attempt to stop the Service using sc stop [servicename], you encounter the error message: "The requested control is not valid for this service."  To resolve this issue, please perform the following steps: Click Start - Control Panel - Administrative Tools - Services. Double-click the relevant Service. Change the Service Start-Up Type to Disabled. Click Apply. Click OK. Hit CTRL-ALT-DEL on your keyboard. Select Task Manger. Perform an End Task on the relevant Service. This issue has been resolved. http://www.smartnetadmin.com
Post a Comment
Read more