From: "Madscientist" <madscientist@microneil.com> Subject: RE: [NTISP] Win2k FTP authenticating NT4 Domain users... NOT! Date: Wed, 2 May 2001 18:09:31 -0400 Message-ID: <DPEJKKEEMGPDOOKGEHLMEEDNFDAA.madscientist@microneil.com>
Thanks Randy, way ahead of you.
The box is in mixed mode and other access (drive shares etc) is fine.
I was able to access an FTP site just now by including the domain along with
my user name... but I don't need to do this with the other boxes, and if I
have to retrain all of the users, I might as well just reassign their
accounts... unacceptable.
That is, logging in with username works fine on existing servers.
Logging in on the new box requires domain/username and this is as bad as
reassigning all of the accounts.
Having got this far, is there a switch somewhere that I can throw where the
new box will assume the domain name for me when ftp users log in... I can
set this for WWW sites (and have - it works ok).
Thanks in advance and thanks for the quick response.
I think I'm getting there... I hope this last bit is something very simple.
CHEERS!
_M
-----Original Message-----
From: ntisp-request@iea-software.com
[mailto:ntisp-request@iea-software.com]On Behalf Of Randy Martin
Sent: Wednesday, May 02, 2001 6:00 PM
To: ntisp@iea-software.com
Subject: Re: [NTISP] Win2k FTP authenticating NT4 Domain users... NOT!
You need to have the W2K box running in mixed mode NOT native mode. If
you've already changed the mode to native mode, then you cannot go back. If
you are in mixed mode, you can just have the server join the domain. It will
then authenticate into the domain like any other server.
If you are in native mode (which enables active directory and a bunch of
other things, but doesn't let the W2K server play nice with NT4 domain
controllers), then you either have to upgrade every server to W2K, or start
over with the W2K box -- reinstall W2K Server on the box and make sure that
you just let it default to mixed mode and don't change it until you're ready
to upgrade all the servers on the network.
Randy
At 05:37 PM 5/2/2001 -0400, you wrote:
I have a stand-alone win 2k server running IIS.
I have both PDC & BDC NT4 boxes pre-existing which authenticate our
isp/asp users.
We wish to migrate some sites from a deprecated NT4 server IIS box to
the new Win2k IIS box.
HOWEVER, we cannot get the Win2K box to allow domain users to login to
FTP.
Users defined locally on the Win2K box can login without trouble.
We attempted to add DOMAIN/Domain users to the Log On Locally security
privelege, but it won't work!
How can I get a non domain controller Win2K server to authenticate users
from my old NT4 network for IIS access??
I have researched the 'net on this and found nothing that applies.
HELP.
Thanks,
_M