Here is the senario:
Windows NT domain with 500 computers and 300 users.
Windows 2000 domain with 2500 computers and 15,000 users.
We are migrating the windows nt domain into the windows 2000 domain.
I have a test environment setup with copies of domain controllers from
both domains, and setup bidirectional trusts between domains for
migration purposes. We have to have them bidirectional for the
migration process.
What I need to do is prevent users from the windows 2000 domain from
logging in on the computers that are in the Windows NT domain until
the migration is complete, because the policies that are on the
machines in the NT domain will get overwritten and security on the
machines will be compromised.
How do I go about preventing the users in the windows 2000 domain from
logging in on the computers that are in the Windows NT domain?
Any help would be appreciated.