it could well be that you got it spot on.
i tested with my lap against another domain which worked like a champ and i noticed in tcpview that lsass.exe is listening to port 389.
Your tip on the primary NIC seems really plausible. i'll try it tonight..

hmm... just a thought, would this mean that any DC acting as router between two networks would only be accessible from one of the networks ??? that would be a pity

[ 05 February 2002: Message edited by: mvdw ]