It seems a very "critical" point in the deployment of AD is the discovery of a W2k domain controller by an exsiting w2k computer (professional or member server).
I would guess (without having done the work in capturing data !) that w2k clients in an NT4.0 domain are attempting to discover a DC using LDAP / DNS lookups which is failing on account of there being no directory. They fallback to the legacy locator process based on broadcast / wins 1c lookup which returns DC information. As soon as the first W2k DC for the domain is introduced i have picked up that the client undergoes modification (lsa secret ...) such that it will irreversibly use the native w2k protocols - kerberos ..... Allied to this is the update that it makes to its own computer object in the directory - dnshostname .... and also service principal name registration. Is there any other / more detailed information on what for me is a very key change to manage in a deployment scenario of in-place upgrade of an NT4 domain which already has w2k computers. Don't know if i am being greedy, but specfic information on how NLBS clusters behave / known issues in the w2k AD environment would be VERY gladly received. GT List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
