J
jrm73
Thanks for reading. I have an issue and not sure the root cause. I am
in the middle of a migration from NT4 to Win 2003 AD. In order to run
AD migration Tool I need to logon to my 2K3 server with an account the
has admin rights on each PC. All PC's are still in NT domain so I am
using NT admin account. This worked fine in the past but I have since
enabled and configured some group policies to allow local LAN admins to
logon to AD DC's at already migrated locations. Specifically I added
their groups to 'Allow log on Locally' and 'Allow logon thru
terminal services' in Default Domain Controllers Policy. When I
tried to logon onto the AD server with NT admin account I initially got
the error saying I couldn't be logged on because the account did not
have 'Allow logon thru terminal' user right. I since added the NT
admin account to the Remote Desktop users group as well as gave this
account 'Allow log on Locally' and 'Allow logon thru terminal
services' in Default Domain Controllers Policy. After doing that I
now get error "the system cannot log you on now because the domain
<domain>is not available." So now I've got a networking issue? My
AD DC can't find the NT 4 DC, right?
I did the following. Added NT4 DC to lmhost on WIN2K3 DC with hex 1b
entries. Can ping by name etc but not sure what else to do. This
worked in the past when the Default DC Policies were NOT configured.
Any ideas? Thanks for any help-
in the middle of a migration from NT4 to Win 2003 AD. In order to run
AD migration Tool I need to logon to my 2K3 server with an account the
has admin rights on each PC. All PC's are still in NT domain so I am
using NT admin account. This worked fine in the past but I have since
enabled and configured some group policies to allow local LAN admins to
logon to AD DC's at already migrated locations. Specifically I added
their groups to 'Allow log on Locally' and 'Allow logon thru
terminal services' in Default Domain Controllers Policy. When I
tried to logon onto the AD server with NT admin account I initially got
the error saying I couldn't be logged on because the account did not
have 'Allow logon thru terminal' user right. I since added the NT
admin account to the Remote Desktop users group as well as gave this
account 'Allow log on Locally' and 'Allow logon thru terminal
services' in Default Domain Controllers Policy. After doing that I
now get error "the system cannot log you on now because the domain
<domain>is not available." So now I've got a networking issue? My
AD DC can't find the NT 4 DC, right?
I did the following. Added NT4 DC to lmhost on WIN2K3 DC with hex 1b
entries. Can ping by name etc but not sure what else to do. This
worked in the past when the Default DC Policies were NOT configured.
Any ideas? Thanks for any help-