Firewall is turned off OR allow exception for Remote Desktop/Remote Assistance

Under services: "Remote Desktop Help Session Manager" to Automatic

Right click My Computer – Properties – Remote – Allow Remote Assistance AND Allow users to connect remotely

Turn Off Simple File Sharing

To turn on or to turn off Simple File Sharing Windows XP Professional, follow these steps:

1. Double-click My Computer on the desktop.
2. On the Tools menu, click Folder Options.
3. Click the View tab, and then click to select the Use Simple File Sharing (Recommended) check box to turn on Simple File Sharing. Click to clear this check box to turn off this feature.

Enable and configure Solicited Remote Assistance

1. Log on as a user with local administrator privileges.
2. Click Start, click Run, type gpedit.msc in the Open box, and then click OK.
3. Locate the Solicited Remote Assistance policy by expanding the tree to:

Local Computer Policy\Computer Configuration\Administrative Templates\System\Remote Assistance

4. Double-click Solicited Remote Assistance.
5. On the Solicited Remote Assistance Properties dialog box, click Enable.
6. Under Permit remote control of this computer, click one of the following options: • Allow helpers to only view the computer

• Allow helpers to remotely control the computer

Note: After the expert computer connects to the novice computer, the expert computer has the option of controlling the novice computer. You can disable this option by choosing the Allow helpers to only view the computer option.

7. In the two next fields for Maximum Invitation ticket time, value and units, choose the settings to control the maximum time for which the ticket is valid. This setting overrides any other settings on the computer.
8. Click Apply, and then click OK on the Solicited Remote Assistance Properties dialog box.
9. Close the Group Policy snap-in.

Note: When this is set to Not Configured, users can still send Remote Assistance invitations. If necessary, you can configure Solicited Remote Assistance in Control Panel. To do so, open the system properties, and then click the Remote tab. The default settings are: • Solicited Remote Assistance is enabled.

Remote Control is enabled. Click Advanced Settings to view this setting.

Maximum Invitation ticket time is set to 30 days.

Enable and configure Offer Remote Assistance

Reference:

http://support.microsoft.com/kb/301527
http://support.microsoft.com/kb/310629
http://support.microsoft.com/kb/306496/

Dug this out of an old email... Going to be doing one of these again:

Tested, freaking took a while to work it out, but after some phone calls, and newsgroup surfing, got it. J
Not sure if all the steps are needed, however this combo worked for me.

Moving a PC (computer object) from one domain (win2k) to another domain (win2k3). I wanted to preserve the profile settings once the computer is a member of the new domain:

• Setup trust between the 2 domains.
• Set the new DC WINs setting to point to the old WINs server
• Load ADMT 3 on the target domain controller
• Setup administrator password to be the same on both domains, as well as the local administrator account on the machine (use Cusrmgr.exe to change admin password on multiple machines http://support.microsoft.com/kb/272530/EN-US/ )
• Add the Domain Admin global group from the source domain to the Administrators Local Group in the Target domain
• Add the Domains Admin global group from the target domain to the Adminstrators Local Group in the source domain
• Create Secondry DNS zone of the other domain on each DNS server (win2k3 – click some settings to allow replication to any server – its locked down by default)
• Set Windows firewall to be turned off on the computers (use GP to turn that f**ker off!)
• *important* Set all client machines to be migrated have their DNS server pointing to the new Win2k3 DC DNS (I set statically, but do this via DHCP when implementing)
• On the target Domain Controller, create an new MMC console, add the ADMT plug in and save to desktop
• Right click on that icon, and run as the administrator account from the other domain

Once the machine reboots, you can log into the other domain with the same account (assuming you used ADMT to migrate user accounts as well!), and viola, the profile should be exactly the same as when logging into the old domain!