OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Problem with 2000 Pro client on NT 4 domain
From: Symon Thurlow (sthurlowATL.CO.NZ)
Date: Wed Jul 12 2000 - 23:35:38 CDT


First, make sure you have the same protocols installed as a domain
controller in the target domain, and the resources you wnat access to. Next,
if you are getting served an IP address by a DHCP server, ensure that it is
giving you a WINS server address. If you are staticly assigning an IP
address, ensure that the relevant gateway information and WINS server
information are entered.

If you don't want to use wins, you need to enter the relevant information
into your lmhosts file. This is located in c:\winnt\system32\drivers\etc

THen, right click my computer, properties. Choose Network ID tab. then click
the properties button. In the member of field, clikc domain and enter the
name of your domain. You will then need to enter the name and password of a
user with rights to add computers to the domain. If that goes ok, reboot and
away you go.

If you don't want to join the domain, and you know what share you need
access to, you can just map a drive to it.

Lets say you have a server in the domain called server1, which has a share
called software that you need access to. The domain is called domain1, and
your user account is jbloggs. From the command line, type:

net use * \\server1\software /user:domain1\jbloggs

hit enter. This will prompt you for jbloggs' password. Enter it, then the
next available drive letter will be mapped to the share.

Easy peasy...

Symon Thurlow
ATL Systems LTD

-----Original Message-----
From: Cowan Paul R Cont OL-D/CSV [mailto:Paul.CowanKELLY.AF.MIL]
Sent: Thursday, 13 July 2000 12:08 p.m.
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Problem with 2000 Pro client on NT 4 domain

Thank you! Was gonna respond with basically the same information.
Remember, everyone has an answer, choosing the best one is sometimes
difficult. The fewer services & protocols running the better.

Paul R. Cowan
Computer Security Engineer, CSC
MCT, MCSE

-----Original Message-----
From: Scott Sanchez [mailto:SSanchezOPUS360.COM]
Sent: Tuesday, July 11, 2000 1:23 PM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Problem with 2000 Pro client on NT 4 domain

Unless something serious has changed between NT4 and W2K that I'm not aware
of, you don't need Netbios or Netbeui installed or passing packets to do
Windows networking... you can bind it all to TCP/IP.

This is a fine example of how you should not always act on everything you
read in lists like this. Netbios and Netbeui as compared to TCP/IP are
highly insecure. Stick with IP if you can, and turn everything else off!

Hope this helps.
-Scott

Scott C. Sanchez, CISSP
Information Security
_____________________________
OPUS360 Corporation <<http://www.opus360.com/>>
39 West 13 Street, 3rd Floor
New York, NY 10011
voice: 1-212-884-6323
cell: 1-917-642-6905
e-mail: ssanchezopus360.com
Solutions For The Way The World Works(sm)

"It is in your moments of decision that your destiny is shaped." -Anthony
Robbins

-----Original Message-----
From: bala [mailto:balaTEXWORLD.COM]
Sent: Tuesday, July 11, 2000 12:49 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Re: Problem with 2000 Pro client on NT 4 domain

HI ,

Have u enabled netbios and netbeui.If not please do enable both and check
wether the user
logging in windows 2000 has access policy configured in the server.

With regards
Bala

-----Original Message-----
From: Ronald Taylor [mailto:rtaylorI-55.COM]
Sent: Tuesday, July 11, 2000 8:04 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Problem with 2000 Pro client on NT 4 domain

I recently got hooked up with a T1 line into my apartment and on on my
company's LAN. There is an NT 4 domain setup for the computers to log into.
I have a Windows 2000 Professional machine hooked up to the LAN. I can join
the workgroup, and can see all of the other computers, but the others cannot
see me. When I try to log into the domain it gives me an error message to
the effect of "the domain you are logging into does not have a computer
account setup" and something about a trust relationship. (sorry I could not
be more specific, i know how annoying it is not knowing the actual error
message) I think it is just seeing the 2000 machine as a NT 4 server . . .
I have to also admit that I am pretty much a paper MCP :( I am certified in
NT Server 4 . . I feel indredibly stupid for not knowing how to do this but
I have little experience with NT in a full fledged network envoriment. I was
able to fix any problems I had with my very small NT network I had. Please
feel free to flame me about my lack of experience, but also i would
appreciate the help.

Oh, and my sys Admin. wont help me . . he says he doesn't know how (all of
his experience is with Novell and Unix) and he is incredibly busy.

I appreciate any help you can give me.

-Ron
suxtobemei-55.com