Access Denied error - when setting trust between NT4 and 2003 domains

Posted on 2006-03-30
Last Modified: 2012-06-27
I am trying to setup a two-way trust between Nt4 and 2003 domains.  I am unable to do this becuase I am getting Access Denied error when I try from NT4 domain.  

I can map a drive from NT4 to access 2003 domain
I can PING servers from either domains
I am using LMHOSTS file
I have WINS

I am not sure what I am doing wrong here.

Any help is appreciated.

Question by:dgunna
    LVL 15

    Accepted Solution

    First, make sure that you have the right info in your LMHOSTS file -

    The entry for the W2003 DC that has the PDC emulator FSMO role must contain #PRE #DOM:W2003DOMAIN at the end of the line (where "W2003DOMAIN" is the NetBIOS name of the 2003 Domain).
    There must be plenty of space characters (not tabs) between the name and the #PRE, because a NetBIOS name can be 16 characters long.
    You have to load the LMHOSTS contents into the NetBIOS cache - froma command prompt, run NBTSTAT /R  (note that the /R is CaSe Sensitive)
    Check the contents of the cache by running NBTSTAT /c  (note that the /c is CaSe Sensitive).

    Now create a connection from the NT4 Domain to IPC$ on the 2003 DC that has the PDC emulator FSMO role, using admin credentials. ie

    net use \\W2003PDC\IPC$ /user:W2003DOMAIN\Administrator /password:XYZ

    Then you should be able to establish the trust.
    LVL 82

    Assisted Solution

    Might be that anonymous access is restricted in the W2k3 domain. In addition, make sure your lmhosts file is setup correctly.
    Check these articles:

    How to establish trusts with a Windows NT-based domain in Windows Server 2003

    How to Write an LMHOSTS File for Domain Validation and Other Name Resolution Issues

    Client, service, and program incompatibilities that may occur when you modify security settings and user rights assignments

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
    Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now