Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Win2k pro and Workstation trust relationships

Status
Not open for further replies.
TSMJ

TSMJ

MIS
Nov 27, 2002
83
I am new to Windows NT server 4 and am keen to configure it to work on a small network of 3 workstations, 2 running Win2k and 1 running 98. I created a test account for 'cake' which i plan to play with until i get the config just right, and then start copying it to other users etc.

Just after installing NT, the first thing i do is go into User manager and create the account 'cake' with no settings or paths to profiles. Just a plain account. The problems start when i run the 'Network ID' wizard in 2k and it says "windows cannot find an account for your computer on the JAY domain" JAY being the workgroup (and the domain i entered during setup). I choose to continue, and after a few more windows an error message is displayed saying "your computer could not be joined to the domain because the following error has occured: The security database on the server does not have a computer account for this workstation trust relationship" - and thats where im stuck.

I created a NTCONFIG.pol in NETLOGON (C:\Winnt\System32....) with no settings in it in an attempt to help but as i guessed it was futile.

Anyone's help is greatly appreciated. :)
 
Sort by date Sort by votes
Err, let me make sure I have everything in my head right...

I take it you have 1 NT 4 Server, running as a Primary Domain Controller for the "JAY" domain.

You then have 2 Windows 2000 Professional boxes, and 1 Windows 98 box.

You created a user account called "cake" on the NT Server, using User Manager for Domains.

You are trying to join one (or both) of the Windows 2000 boxes to the JAY domain, but you get the errors mentioned above.


If I have that all that correct, then you need to do one of two things.

Either (on the NT4 Server) go into Server Manager, and on the Computer menu, click "Add to Domain". Then type in the name of the Windows 2000 boxes, as an "NT Workstation or Member Server". Then run the Network ID Wizard on the Windows 2000 boxes.

Or, when you run the Network ID Wizard on the Windows 2000 boxes, you should get an option to specify a username and password - put in the Administrators username and password that exists on the JAY domain.

If I have anything wrong, or that doesn't work, let me know.
[auto] MCSE NT4/W2K
 
Upvote 0 Downvote
Thanks dhawthorn, your advice worked perfectly on 1 of my 2k boxes, but after setting up the first one i try the second and it says when running the networkID wizard: "the credentials supplied conflict with an existing set of credentials" and it wont let me continue with that.

A few more questions:
1) Can i just enter the details in the network properties in the Win98 machine?
2) Have you any tips for user profiles for Win2k, as saving a NTCONFIG.pol in the NETLOGON does not seem to apply restrictions to logging in workstations.

Thanks a lot
 
Upvote 0 Downvote
The error you got is because you've connected to the domain under one account (mapped a shared drive, for example), and are trying to create the computer account with another.

Try going to the command line (start -> run -> cmd), and type "net use /delete *", which will close all remote connections. Then try adding yourself to the domain. Failing that, try a reboot.

As to your other questions:
1) Windows 98 has little concept of domains, and no concept of computer accounts. To get it to "join" the domain, you simply put the domain name into the WORKGROUP field on the Identification page of Network Properties. You also add (if not already installed) the "Client for Microsoft Windows Networks" service, and on the properties page for that you tick "Logon to Windows NT Domain" and type the domain name in the text box.

2) I have heard there are some issues with NT4 group policies and W2K pro workstations. You might like to try applying group policies for those W2K boxes, on each individual box. Painstaking work, but then you have only two boxes currently.

What sort of restrictions were you looking to apply? [auto] MCSE NT4/W2K
 
Upvote 0 Downvote
Right - ill try that :)

I was hoping to apply restrictions with the system policy editor (whilst sitting at the NT server i assume - i have a faint memory of 2k having its own version or something...) perhaps im imagining things), so that when either a win98 or 2k machine logged on to the NT server, they wouldnt be able to access things such as the run command in Start and suff like not being able to change the sceen resolution etc. I have got it to work previously on the 2k machines when fiddling, but when i want to do it properly i cant remember what to do! I was under the impression that 2k also looks for the ntconfig.pol file in netlogon, but im not sure how to apply those restrictions in 2k as ive put a ntconfig.pol file there are no restrictions whsoever.

To map several network drives in usr manager, do i just separate the adresses with a comma or something?

Thanks

[lightsaber]
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Locked
  • Question
Trust relationship issue 1
Replies
3
Views
628
araheusaff
araheusaff
DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
0
Views
490
DTGMI
DTGMI
ADB100
  • Locked
  • Question
Single Windows 7 Ultimate workstation not applying Registry, Drive Map or Printers GPO settings
Replies
1
Views
317
technome
technome
ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
1K
gbaughma
gbaughma
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
744
suncit
suncit

Part and Inventory Search

Sponsor

Back
Top