Computers added to AD - won't authenticate on NT4 BDC

[SteveHodd]

I've set up a test LAN to test upgrading our NT4 domain to Windows 2003.
I took an NT4 BDC off our live network and installed on the test LAN. I promoted the BDC to PDC and installed a 2nd NT4 BDC on the test LAN.
I Upgraded the PDC to Windows 2003, (Windows 2003 Interim mode) installing DNS and AD.

I started testing that XP and Win98 clients would both authenticate using the Windows 2003 DC or the NT4 BDC.
Both logged in correctly.

I then added a new XP Client Computer in AD.
The new client showed as a Domain Member in Server Manager on the BDC.
The new Computer will authenticate to the Windows 2003 server, but if this server is disconnected from the LAN, it will not authenticate to the NT4 BDC. I have tried adding the new Computer manually to AD and joining the Domain from the client.

Does any one know how to make new Computers added to a Windows 2003 Domain, be authenticated by a NT4 BDC ?

I hope someone has an answer to this.

Steve Hoddinott

 

[stehazza]

The simple answer is... generally it wont. Because authentication through AD when you have a mixed environment clients will 99.9% of the time authenticate to a 2003 DC (which is you AD PID FSMO Roles PDC emulator). You can prove the point by putting another 2003 dc on your test lan and seeing if the two 2003 dc's are used but not the NT4. Nt4 BDC's are great for user authentication when it comes to non-login specific authentication.

Hope this helps!