Microsoft small business knowledge base

Article ID: 155764 - Last Review: February 28, 2014 - Revision: 4.0

This article was previously published under Q155764
This article has been archived. It is offered "as is" and will no longer be updated.


In order to grant users in an accounts domain Remote Access Service (RAS) dial-in permissions to a server in a resource domain, it is not necessary to add these users (individually or as a group) to the accounts database of the resource domain. It is also not necessary to have a RAS Server running in the Accounts Domain as long as the Resource Domain is configured to trust the Accounts Domain. The accounts domain does not have to trust the resource domain for this configuration to work.


Take the following steps to grant dial-in permissions to users in the trusted accounts domain for the RAS server in the resource domain:
  1. Either the administrator's account from the resource domain has to be part of accounts domain Administrators group (as per a trust), or while logged on to the Resource Domain, the administrator must

    NET USE \\Accounts_PDC\netlogon /u:Accounts\administrator

    (Where Accounts_PDC is the Primary Domain Controller (PDC) for the accounts domain) and enter the password for this account in the Accounts Domain when prompted.
  2. After making the above connection, perform the following steps:
    1. Start up RASADMIN on the server in the Resource Domain.
    2. From the Servers menu, choose Select Domain Or Server.
    3. In the Domain field, enter the domain name of the trusted Accounts Domain and press ENTER.
    4. If there is no RAS server in the Accounts Domain, the first line of the RASADMIN program display area below the menu displays:

      "No Remote Access Servers were found in the selected domain."

      Otherwise, it displays the server name of a server that is currently running RAS.
    5. From the Users menu, choose Permissions.
All users from the Accounts Domain should now appear in the Users box, and it is possible to choose Grant Dial-in Permission to User per user from the Accounts Domain to dial-in to the Resource Domain's RAS Server.

  • Microsoft Windows NT Advanced Server 3.1
  • Microsoft Windows NT Workstation 3.1
  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0 Developer Edition
  • Microsoft Windows NT Server 3.5
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0 Standard Edition
kbnosurvey kbarchive kbnetwork KB155764
Additional support options
Ask The Microsoft Small Business Support Community
Contact Microsoft Small Business Support
Find Microsoft Small Business Support Certified Partner
Find a Microsoft Store For In-Person Small Business Support