Trouble with W2K and NT4 Trust

[GPL]

I am trying to set up a trust between my W2K domain with 2 DC's and an NT
domain with one PDC in it. They are on the same network/subnet.

On the NT4 PDC I set up an LMHOSTS file like so:

10.192.0.3 W2KDC #PRE #DOM:FOURTOUCH

10.192.0.3 "FOURTOUCH \0x15" #PRE

W2KDC being the DC that is also the PDC emulator and FOURTOUCH being the w2k
domain.

I have tried to follow Q306733, "HOW TO: Create a Trust Between a Windows
2000 Domain and a Windows NT 4.0 Domain"

On the W2k DC when I put the name of the NT domain into the "Domains that
trust this domain" section it asks me if I want to Verify new trust?

If I have it verify the trust it tells me the secure channel query on the DC
in the NTDOMAIN failed with error "The specified domain either does not
exist or cannot be contacted" and an SC reset will be attempted. The reset
then fails with the same error about it not existing or cannot be contacted.

I even setup an LMHOSTS file for the W2K DC. If I did not do this I would
get an RPC server unavailable error before. I have the following setup on
the W2K DC LMHOSTS file, this is the NT4 PDC and its domain:

10.192.0.7 CASSIOPEIA #PRE #DOM:CONSTELLATION

10.192.0.7 "CONSTELLATION \0x15" #PRE

When I do an NBTSTAT -R and an NBTSTAT -c on the W2K DC I get the following:

C:\>nbtstat -c

Local Area Connection:

Node IpAddress: [10.192.0.3] Scope Id: []

NetBIOS Remote Cache Name Table

Name Type Host Address Life [sec]

------------------------------------------------------------

CASSIOPEIA <03> UNIQUE 10.192.0.7 -1

CASSIOPEIA <00> UNIQUE 10.192.0.7 -1

CASSIOPEIA <20> UNIQUE 10.192.0.7 -1

CONSTELLATION <1C> GROUP 10.192.0.7 -1

CONSTELLATION <15> UNIQUE 10.192.0.7 -1







...and I get this on the NT4 PDC:

C:\>nbtstat -c

NetBIOS Remote Cache Name Table

Name Type Host Address Life [sec]

------------------------------------------------------------

W2KDC <03> UNIQUE 10.192.0.3 -1

W2KDC <00> UNIQUE 10.192.0.3 -1

W2KDC <20> UNIQUE 10.192.0.3 -1

FOURTOUCH <1C> GROUP 10.192.0.3 -1

FOURTOUCH <15> UNIQUE 10.192.0.3 -1









I have successfully made trusts between other W2K and W2K3 domains but never
an NT4 domain and this where I am. Any suggestions? What have I missed?
Thanks for your help!

 

[Scallica]

Hey GPL,

I recently set up a trust between an NT4 and W2K domain. I was receiving the
same errors. The solution to my problem was that all configurations must be
done on the PDC. In the Active Directory world, there is no PDC....BUT one
Domain Controller can be designated as a "PDC Emulator". Once I setup my
trust from the PDC Emulator....everything worked well.

-Scallica-

 

[GPL]

did you do it from the command line or from the mmc?

I have tried it both way -- there might be something else sticking here that
I do not know...

By the way I know the text formatted funny in the email but I do have the
netbios name in a 15 character space and I typoed the 0x15 I know it is
supposed to be 0x1b.


Thanks!

 

[Scallica]

I setup my trust from the MMC. I believe I setup the NT4 side first, then
setup the W2K side.
Please make sure the DCs have full IP connectivity between each other. Also
be sure the W2K DC is a PDC emulator.

 

[GPL]

Yep, I have both of those covered. I'm checking out what is said on this
link right now to see if it helps:

http://groups.google.com/groups?hl=...FPcMzicDHA.2436%40TK2MSFTNGP12.phx.gbl&rnum=1