To allow users in an NT domain to use resources on a Windows 2003 domain, you need to set up a one way external trust. In NT-style language, this means that the Windows 2003 domain (trusting) trusts the NT domain (trusted). In User Manager for the NT domain, select policies->trust relationships, and add a trusting domain:

The trust shows up on the NT side:

One the Windows 2003 domain, use Active Directory Domains and Trust to set up the one way trust:

Right click the Windows 2003 domain and select properties:

Select the trust tab, and New Trust:

Enter the name of the NT domain:

In Windows 2003 speak, a “One-way: outgoing” trust means that the windows 2003 domain is the trusting domain, and the NT domain is the trusted, in our case. Remember the arrows? The arrows point at who you trust. So, the arrows are outgoing.

We’ll choose domain-wide authentication:

Enter the password for the trust. Note that by default you need numbers, varying case, etc. You will be warned if you don’t choose a sufficeintly strong password.

About ready to create the trust:

Trust complete:

Let’s confirm the outgoing trust:

We are happy, created, and confirmed:

SID filtering is enabled:

To add groups/users from the trusted domain, use Active Directory Users and Computers. Change the location of the object to the external domain (remote1 in our case):

Choose the object you wish to add:

User test from REMOTE1 is now a member of the local administrators group:

The red arrow means that the object is from an external domain: