Question : Disable SID Filtering in a Windows 2000 domain

I'm staging an environment for a migration. The source domain is Windows 2000 and the target domain is Windows 2003. I've used Quest Migration Manager for AD to bring the users/groups/contacts over.

After the users and computers have been migrated, the users can no longer access resources in the source domain. I ran Mytoken and it looks like the users only have 1 token, which led me to believe SIDfiltering is enabled on the 2000 domain.

An article I've read says running this command:

NETDOM TRUST trusting_domain_name /Domain:trusted_domain_name /FilterSIDs:no
/UserD:user /PasswordD:password /UserO:user /PasswordO:password

will disable sidfiltering, but NETDOM HELP TRUST shows that /FilterSIDs is not even an option.

How can I disable SIDFiltering in the 2k domain and verify that its' been disabled?

Regards,

fedsig

Answer : Disable SID Filtering in a Windows 2000 domain

I figured it out. We had 1 DC at SP4 and one DC at SP3. The problem was the newer version of the support tools has the netdom command that has the /filtersids switch.

The resolution was to install SP4 on all DCs, uninstall the currently installed support tools and install the newest version.

Thanks for your help anyhow.

Random Solutions

Errors on Web Application running Crystal Reports

Setting ScaleX and ScaleY on scaleTransform

How do I can make my iPhone & iPad to work with Exchange server?

How to add a dns entry in windows SBS 2003

Email stay with retry status in the queue of Exchnage 2003.

MySql Conditional from

Problem calling 2 forms in the same DLL

Hard Drive Compatibility

Using a website instead of Excel

adding read permission's to a file using php script