"user not authorized" when running program from NT machine on XP machine

I'm trying to run a program from a Windows NT machine on a Windows XP Pro machine with a command line tool. When I do this I get a error message: "remote userid not authorized". When I do the same thing from XP to XP machine or XP to NT machine, the program starts up.
How can I fix this?
wooliepowerAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
MSGeekConnect With a Mentor Commented:
Explicitly add the domain uset from the NT box to the XP box.
0
 
wooliepowerAuthor Commented:
help
0
 
erikdrCommented:
It's clearly a matter of credentials, and NT accepting the XP credentials while not the other way round.
Option 1): Make sure both machines are in the same domain (ADS probably), and use a network userid on NT which should have enough local rights on the XP box also.
Option 2): Go fiddling around with trusts if they are in different domains.

Good luck,

<Erik> - The Netherlands
0
Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

 
wooliepowerAuthor Commented:
Erik,

the two machines are in the same domain and the domain users are set as local administrators.
What else can I do?
0
 
trywaredkCommented:
WOOLIEPOWER... "domain users are set as local administrators"

Do as MSGEEK told you, BUT PLEASE READ THIS CAREFULLY:

You must NEVER NEVER add a Domain User Group to the Local Admin Group on each workstation.

And You must NEVER add the same Domain User to the Local Admin Group on more than his/hers own workstation

If You add a Domain User Group to the Local Admin Group, every member of this Domain User Group gets unlimited REMOTE access power of every workstation on Your network.

The unlimited REMOTE access involves:
1. Explorer: \\ComputerName\C$
2. Registry
3. Computer Management (Control Panel)


IF YOU WANT TO KNOW MORE ABOUT THIS ISSUE:
http://www.experts-exchange.com/Security/Win_Security/Q_20506528.html
http://www.tryware.dk/English/W2kLocalGroupPolicy/TotalAdminPower.html
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/evaluate/featfunc/07w2kadc.asp
http://support.microsoft.com/?kbid=182734


IF YOU WANT TO TEST IT:
You have to grant a Domain User Group to the Local Admin Group on BOTH test-workstations, AND logout and logon again.

Important: You have to make a new logon after creating the credentials, because they are given in W2k in the second where You press ENTER to password when logging on.

Please reply, when You have removed the Domain User Group from the Local Admin Group again!


Many Regards

Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open

MSGEEK... ;o)
0
 
MSGeekCommented:
Jorgen, I was wondering if you would see this one? :)
0
 
SunBowCommented:
> You must NEVER NEVER add a Domain User Group to the Local Admin Group on each workstation.

> And You must NEVER add the same Domain User to the Local Admin Group on more than his/hers own workstation

I agree. But realistically, all the major companies and corporate hacks think they have to have exactly that and more to manage a corporate network through remote processes. IMO unecessary and evil to implement a handful of simple intrusions.

I have my best luck at getting two machines to agree, when they are both booted standalone (no domain), for same UserID/Psw. While XP doesn't like NT to access, strangely, the NT accessed Exchange2k better than my Win2k. A domain upgrade knocked them both out. If you cannot do admin for PDCs or AD, then I wish you luck (and feel sorry for you if stuck with AD).
0
 
MSGeekCommented:
SunBow ... does that mean your an NDS fan?
0
 
trywaredkCommented:
SUNBOW... "But realistically, all the major companies and corporate hacks think they have to have exactly that and more to manage a corporate network through remote processes"

In order to MANAGE a network add Global Domain Admins Group to every Local Admins Group.

In order to let Domain Users use programs that updates themselfes, add Domain Users to Local Power Users OR ...
add the Domain User to the Local Admin Group ONLY on his/hers own workstation.

In order to have Domain Users using different workstations, you really got a problem.

BTW I'm from Denmark, and I know that BTW means By The Way, but I did'nt understand IMO.

WOOLIEPOWER... Sorry to interrupt your problem about NT to XP, but you could use this answer too.

0
 
trywaredkCommented:
WOOLIEPOWER... Choose Community Support, and ask a moderator to add the answers from http://www.experts-exchange.com/Security/Win_Security/Q_20569667.html to this question
0
 
MSGeekCommented:
0
 
MSGeekCommented:
WooliePower.. glad I could help, what finally resolved your problem?
0
 
wooliepowerAuthor Commented:
MSGEEK  to be honest I didn't try anything. My boss gave me some more urgent things to do, so I didn't have time to find out yet. If you want I can mail you the solution...
(bjorn.pieters@sidmar.arcelor.com)
0
 
MSGeekCommented:
Please advise if you would like a refund of your points.  I am not sure it will be granted, but I can request it.  Let me know?
0
All Courses

From novice to tech pro — start learning today.