Skip navigation
Menu
Compute Engines

JSI Tip 3140. How do I alter the native mode / mixed-mode choice after running Dcpromo?


When you run Dcpromo to promte a Windows 2000 server to a domain controller, you are prompted to choose between:

--> Permissions compatible with pre-Windows 2000 servers

--> Permissions compatible only with Windows 2000 servers

The first option allows anonymous (null) connections, which Windows NT 4.0 clients use for various credential actions.

The method used to accomplish this is patently simply, the Everyone group is added to the "Pre-Windows 2000 Compatible Access" group.

To alter your Dcpromo selection to:

--> Permissions compatible with pre-Windows 2000 servers:

        net localgroup "Pre-Windows 2000 Compatible Access" everyone /add

--> Permissions compatible only with Windows 2000 servers

        net localgroup "Pre-Windows 2000 Compatible Access" everyone /delete
NOTE: See tip 2122 » How can I use a Windows NT 4.0 RAS/RRAS server in a Windows 2000 domain?

NOTE: See tip 2298 » Error when trying to add Windows 2000 domain users to the ACL of a Windows NT 4.0 system - Access is denied?


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
empty cockpit of autonomous car
What Is a Real-Time Operating System, and Who Needs One?
Mar 05, 2024
ERP button on keyboard
5 ERP Trends to Watch in 2024
Jan 17, 2024
automation key on keyboard
Storage Management as a Case Study for Network Automation Adoption
Dec 21, 2023
Abstract technology concept lighting effect on dark blue background
Top 10 Stories About Compute Engines, Linux in 2023
Dec 18, 2023