By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
I'm trying to reset a secure channel from Windows 2000 Domain controller (Service Pack 3 installed) to Windows NT PDC (Service Pack 6 installed) with "nltest /sc_reset:<WinNTDomName><WinntPDCName>" command and it fails with the error: "I_NetLogonControl failed: Status = 5 0x5 ERROR_ACCESS_DENIED". It works though for a BDC of the same NT Domain. What could be the problem?
I would guess from your description that you are looking at the trust relationship between the two domains. In the NT world, only one domain controller manages the trust. The BDC is most likely holding the trust information and thus carries the secure connection.