Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Add domain admin as local admin 1

Status
Not open for further replies.
wenyee99

wenyee99

Technical User
Jul 19, 2006
21
0
0
MY
Dear all,
I am trying to migrate user sids from win2k domain to win2k3 domain, and i need to add domain administrator of win2k domain as a member of local administrator in win2k domain and vice versa, add domain admin of win2k3 domain as a local administrator in win2k domain. But the process end with error"logon failure, bad user name and password".
Is anyone has experience the same problem before? Thanks in advance.


 
Sort by date Sort by votes
You will have to set domain trust between them, I guess.

_____________________________________
S. Daniel P. Teixeira - MCP
 
Upvote 0 Downvote
If you go into Domain Admin group on Server 1, add User of Server into it.

i.e. In Server 1 (W2K3) go to Domain Admins choose members and put \Server2\User.

That's what I did in reverse-order in XP to add my local XP account as Domain Admin of my 2003 Server.
 
Upvote 0 Downvote
These guys are right. You first need a 2-way trust between the domains. Then, you can go into the groups on both sides and add the other domain's Domain Admin. A trust is the key to making this work.
 
Upvote 0 Downvote
Dear All,

Thanks for yours reply. I solved the problem by adding the domain admin(domain a) as local admin(domain b) in Builtin object but not in User object which i failed before. Thanks.
 
Upvote 0 Downvote
wenyee99, can you give me more detail about which groups/builtins you had to use to make this work? I put the domain admins on (domain a) in the domain admins on (domain b) and vice-versa, but I still dont have local machine access on the trusting domain. I dont have a "local admin" builtin as far as i can tell.

thanks
 
Upvote 0 Downvote
bookouri,
the built in group is located right down to your domain name inside active directory user and computer.
in creating trust, domain admin of domain a must add as member of local admin of domain b and vice versa.

thanks
 
Upvote 0 Downvote
thanks.. BTW with your two domains, do you notice really long logon times when users log on to the domain that the workstation does not belong to? I have two identical clients. One is joined to domain a and one to domain b. A domain A user can logon to domain B using the client that is joined to domain A, but the logon sits for about 3 minutes before "personal settings" are applied.

 
Upvote 0 Downvote
you are quite lucky because for me i hv to wait more than 5 minutes for the logon process to complete. Still cannot solve it out, since there is no error during the domain trusting and user account migration.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

MattM1975
  • Locked
  • Question
Domain Admin Logon 1
Replies
2
Views
80
ADB100
ADB100
goombawaho
  • Locked
  • Question
Microsoft Azure Active Directory - Backup Admin Account 1
Replies
2
Views
142
goombawaho
goombawaho
goombawaho
  • Locked
  • Question
Domain join from wifi connected laptop
Replies
4
Views
192
goombawaho
goombawaho
tscstl
  • Locked
  • Question
access to local folder
Replies
1
Views
76
hairlessupportmonkey
hairlessupportmonkey
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
94
DTGMI
DTGMI

Part and Inventory Search

Sponsor

Back
Top