What do you mean W2K stand-a-lone server? What kind of server? PDC? Web? Exchange? ISA? SQL? If the W2K server will be a domain controller [???] it's gotta run in Mixed mode.
Depending on your current setup, likely you will have to setup the Win2K in mixed mode if you choose AD at all. During setup of Active Directory (AD), it will ask you what environment you choose. Native or Mixed. Once you go native, you can't go back. If you have to stay in mixed mode, the NT boxes will handle all security control for itselves and any other non-native computers within the AD environment. It will lso setup the global catalog server, whichi contains all the security and rights permissions. It's simmular to the SAM's found locally on each machine.
AD functionality centers around Multiple and/or Single Master Operations allowing for replication of security and resources information which is the strengths of the AD schema. There are five main masters: Schema Master; Domain Naming Master; RID Master; Primary Domain Controller Emulator; Infrastructure Operations Master.
Installing Active Directory on the standalone in a mixed environment by default becomes the Emulator. It also becomes the other masters by default except for the Primary Naming Master if a PDC already exists. Only native computers can a master.
The AD Client Extension allows 95/98/NT 4.0 computers to only support: it allows for Site Awareness to reduce network traffic;AD Services Interface (ADSI) for a programming scripting language which allows native and mixed modes mesh seemlessley for object and serives communication it provides a DFS fault tolerance client for AD Clients allowing access to the fault-tolerant file shares specified within the schema; it also gives access to the AD Windows address book property pages allowing users whom have the permission to access to the properties on objects within AD; and provides NTLM v2 authentication to clients if needed for higher security process capabilities.
AD Clients can't take advantage of: KAP (Kerberos Authorization Protocol); Group Policy Support; IPSec & L2TP; or SPN (Service Principal Name or mutual authentication).
A 1-Way Trust means only one path is secure for communication link between domains which are secured communications, while a 2-Way Trust means both secured paths going in oposite directions between two domains are Trusted. A Transitive Trust means that the trust relationship extended to one domain is automatically done to all other domains that trust that domain. A 2-Way Transitive Trust means that the turst relationship extedned to one domain is automatically extended out to all other domains that trust that domain and is the default between 2k domains in the forest.
All the comments were good, although explanations of Trust were a little drawn out. I figured out the problem and all is well. Thanks to all who submitted. It's good to know there's help when you need it!!!!
If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
Adding a WIN2K server to NT 4