RE: [NTISP] Win2k FTP authenticating NT4 Domain users... NOT!

New Message Reply Date view Thread view Subject view Author view
Randy Martin (
Wed, 02 May 2001 17:12:31 -0500

Message-Id: <>
Date: Wed, 02 May 2001 17:12:31 -0500
From: Randy Martin <>
Subject: RE: [NTISP] Win2k FTP authenticating NT4 Domain users... NOT!

Did you actually make the W2K machine join the NT4 domain? This might solve your problem.


At 06:09 PM 5/2/2001 -0400, you wrote:

Thanks Randy, way ahead of you.
The box is in mixed mode and other access (drive shares etc) is fine.
I was able to access an FTP site just now by including the domain along with my user name... but I don't need to do this with the other boxes, and if I have to retrain all of the users, I might as well just reassign their accounts... unacceptable.
That is, logging in with   username   works fine on existing servers.
Logging in on the new box requires   domain/username   and this is as bad as reassigning all of the accounts.
Having got this far, is there a switch somewhere that I can throw where the new box will assume the domain name for me when ftp users log in... I can set this for WWW sites (and have - it works ok).
Thanks in advance and thanks for the quick response.
I think I'm getting there... I hope this last bit is something very simple.
-----Original Message-----
From: []On Behalf Of Randy Martin
Sent: Wednesday, May 02, 2001 6:00 PM
Subject: Re: [NTISP] Win2k FTP authenticating NT4 Domain users... NOT!

You need to have the W2K box running in mixed mode NOT native mode. If you've already changed the mode to native mode, then you cannot go back. If you are in mixed mode, you can just have the server join the domain. It will then authenticate into the domain like any other server.

If you are in native mode (which enables active directory and a bunch of other things, but doesn't let the W2K server play nice with NT4 domain controllers), then you either have to upgrade every server to W2K, or start over with the W2K box -- reinstall W2K Server on the box and make sure that you just let it default to mixed mode and don't change it until you're ready to upgrade all the servers on the network.


At 05:37 PM 5/2/2001 -0400, you wrote:
I have a stand-alone win 2k server running IIS.
I have both PDC & BDC NT4 boxes pre-existing which authenticate our isp/asp users.
We wish to migrate some sites from a deprecated NT4 server IIS box to the new Win2k IIS box.
HOWEVER, we cannot get the Win2K box to allow domain users to login to FTP.
Users defined locally on the Win2K box can login without trouble.
We attempted to add DOMAIN/Domain users to the Log On Locally security privelege, but it won't work!
How can I get a non domain controller Win2K server to authenticate users from my old NT4 network for IIS access??
I have researched the 'net on this and found nothing that applies.

New Message Reply Date view Thread view Subject view Author view
This archive was generated on Wed May 02 2001 - 15:11:32 Pacific Daylight Time