Trusted Domains Do Not Appear in the Available List for Domain Logon or Setting Security Permissions

Applies to: Windows Servers


When logging on to a Windows 2000 domain, other trusted domains (for both Windows 2000 and Windows NT 4.0 domains) are not displayed in the drop-down list of available logon options, and the only domain logon option that is available is for the one to which you, the currently-logged on user, belongs. Also, when trying to add or change security permissions by clicking Add on the Security tab, the current domain is the only domain choice that is displayed in the Look in window.


This problem occurs because the Netlogon.ftl file may not have the proper permissions to open, and therefore the list of trusted domains cannot be displayed. The file may also show that no permissions are set on it at all.


To resolve this problem, it is necessary to give both the System and the Administrators accounts full control on this file. To grant both accounts full control on this file, locate the %SystemRoot%\System32\Config\Netlogon.ftl file.

If the file does not have any permissions set on it, you may have to take ownership of the file to set these permissions. You may also have to log on to the system with administrator privileges to set these permissions if the user account with which are logged on does not have the necessary permissions.

To take ownership of this file, click Advanced, and then on the Owner tab, select an administrator account in the Change owner to list, and then click OK.

For additional information about how to take ownership of files, click the article number below to view the article in the Microsoft Knowledge Base:

268019 How to Take Ownership of Files
After setting the permissions on this file so that both the System and the Administrator accounts have full control, log off from and then back on to the computer to see that the list of trusted domains is displayed for both the Domain logon and when you attempt to set the security permissions.


Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.