connect 2 NT4 domains

connect 2 NT4 domains

Post by Pete » Sat, 03 May 2003 03:10:18

I have 2 NT4 domains, 1 uses 192.168.224.XX and the other one 192.168.225.XX
In both domains is 1 PDC gedefined.
Ik want to connect the domains by SDSL/VPN.

Do I need to work with Trusted Domains ?
Has anyone any experience with this stuff ?
All suggestions are welcom .



connect 2 NT4 domains

Post by Maarten Wiltin » Sat, 03 May 2003 19:44:19

>I have 2 NT4 domains, 1 uses 192.168.224.XX and the other one
>In both domains is 1 PDC gedefined.
>Ik want to connect the domains by SDSL/VPN.

>Do I need to work with Trusted Domains ?

The domains in the name of this newsgroup have nothing to do
with Windows NT/LAN Manager domains. They refer instead to
the domain names as defined in the DNS.

Assuming all clients use the PDCs as their default gateway,
it would suffice to give those a route to the other subnet.
This can be done using the RRAS package, installed on the
PDCs or on dedicated machines. In the latter case, the PDCs
would have to be told that the other subnet can be reached
through said dedicated machine. RIP can also propagate this
information automatically; it's included in the RRAS package.

Trusted domains allow you to use groups and users in another
domain as though they were in this domain. You can make them
members of local groups so they get the rights of those. As
you are probably merging two networks, that is likely what
you want to do. Otherwise, you can have access to resources
in the other domain, but you have to login to it separately.

Maarten Wiltink


1. NT4.0 dialup to Cisco Secure and Domain authentication


Can anyone help?

I am currently having a problem with NT4.0 / 2000 workstation Clients who
dialup to Ciscosecure 2.4 running on NT server, to access domain resources.
The cached profile of the user works OK if it is up todate, although if the
users domain password has expired then their cached profile is not in sync.
This causes NT to ask for username and password for every resource you

Windows 95 doesn't have a problem as once the user has dialed in and
authenticated with the RAS server they are prompted for a domain login,
which allows the user to change their password.

NOTE: It is worth noting that if you dialup from the CTRL-ALT-DEL and check
the connect using dialup networking box this problem does not occur as the
NT authentication is held util the ppp/chap authentication is complete.

I have researched this with technet and the only solution I can find is to
set a registry setting so that RAS connections are not dropped on logoff
(keepalive) and having the user re-logon from CTRL-ALT-DEL. This is not an
ideal solution as most of the RAS users use facilities such as F5 to dialup
and check for new mail in outlook 97.

Ideally i would like to find a method of prompting the user to
re-authenticate /
change their password with the domain after the dialup connection has been
established (re run Winlogon somehow?) but cannot find a solution.

Can anyone offer any suggestions how i could get around this problem?



2. Can not delet item in Account

3. Changing password NT4.3 client Domain & NDS

4. Welcome to comp.unix.questions [Frequent posting]

5. NT4 / WIN2k Domain vs Workgroups

6. Correction:Problems with Quantum ProDrive Lightning LT730 on black

7. W2000 workstation logons to NT4 domain server

8. NEED HELP!!! Diamond Video Card

9. Windows NT4 always needs to joing Windows 2000 domain

10. NT4 Workstation won't log into 2000 Domain

11. NT4-Terminalserver Domain Log-in

12. Problems logging onto Domain in NT4 Server

13. W98 client can't login to NT4 domain: "Illegal datagram" warning...