Encounter 2 issues w/o no answer yet – related to SAM but not UPN
a. User from Domain SG is able to login to the PC’s in Domain HK using SAM account, but can’t change the password.
b. User from Domain HK is able to login to the PC’s in Domain SG using SAM account and also able to change the password, but the user can’t login to the IIS web in the same PC with Windows Integrated Auth.
Q: how SAM to resolve the Domain Name in the trusted domain without WINS replication enable between domain?
Points to be noted:
1. Domain DNS’ name & Domain NetBios Name: Intra.xxx.net but xxx_Domain.
2. Understanding the NetBIOS Node Types: Enhanced h-node
Clients that use the Enhanced h-node type use the p-node type and b-node type, and DNS to resolve NetBIOS names to IP addresses. Enhanced h-noe type is the default node type used for Windows 2000, Windows XP, and Windows Server 2003 NetBIOS clients who have a configured WINS server for name resolution. The order in which Enhanced h-node type clients resolve NetBIOS name are:
- NetBIOS name cache.
- NetBIOS name server – WINS
- Broadcasting name resolution method.
- LMHOSTS file
- DNS name cache
- HOSTS file
- DNS server
3. How to disable NetBIOS name resolution: Disable NetBIOS over TCP/IP
4. How to make sure NetBIOS name resolution works ?
- NetBIOS over TCP/IP is enabled
- TCP/IP NetBIOS Helper Service is running