getting Vista to join a NT4 domain

April 10th, 2007, 10:45 am

ok, I have a handful of new Vista desktops I need to join the NT4 domain and so far I'm not having much luck, anyone already done this that can point me in the right direction?

[grinch2171]

April 10th, 2007, 10:55 am

What i found so far

Quote:

With the default settings Vista won't authenticate to a NT domain. You have
to lower the authentication level Vista uses.

"Run as administrator" secpol.msc

Under Local Policies > Security Options

Change the value of "Network Security: LAN Manager authentication level"
from "NTVLM2 responses only" to "LM and NTLM - use NTLMv2 session security
if negotiated"

Note that I last tried this with build 5384. Newer builds may need a
different fix.

I find it a little sad your desktops are newer than your domain. That is sad and should be rectified.

April 10th, 2007, 12:16 pm

Thanks for the reply

This is what I ended up doing:

1. SRVMGR.EXE on the PDC and add the computer name of the Vista PC.

2. On Vista PC run, secpol.msc then Under Local Policies > Security Options, Change the following two settings

- Domain Member: Digitally Encrypt sign secure channel data (always) - change to disabled
- Network Security: LAN Manager authentication level - change to "Send LM and NTLM - use NTLMv2 session security if negoitated"

Quote:

That is sad and should be rectified.

heh, I agree 100%. The truely sad part is the new server has been here almost a month but my backup is backordered All this hassle and I'll be undoing it all in a couple weeks ::grumble::