Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Question

Can anyone help with Mac to WinServer '08 domain networking?

Jun 28, 2012 9:41AM PDT

I have been working on this for the better part of the day. Forgive any vocabularly misgivings - I'm new to Macs and novice in networking, and especially useless when it comes to mixing them together.

So, I've been trying to connect an Air (Lion v.10.7.4) at work here to our domain that the rest of our computers function from, hosted on Windows Server 2008.

I've been through the Active Directory bit, and do show the domain as being active, and can see the computers and servers on it listed in the Shared list in Finder. However, I can't access any of them like I would be able to from any of the Windows PCs on the domain. From Windows, I can see the Mac Air listed in the list of domain computers, but can't create a connection to it at all.

When trying to access servers/computers' files on the domain, a grey/black bar shows at the top saying "Connecting..." but ultimately says "Failed." If I select 'Connect As...' I get the error message "'There was a problem connecting the server [name].' The server may not exist or it is unavailable at this time. Check the server name or IP address, check your network connection, and then try again."

My original reason for diving into this was because the laptop's user wanted a printer whose IP location is on our domain added to their desktop instead of having to use the terminal log in. I didn't realize those using Macs weren't on the domain, so, here I am, trying to get that going - but, after much struggling, even though I can't connect to the Mac from the domain (as administrator, with adminstrator access rights enabled on the Mac via Active Directory)....

....I am able to add the printers on our network with their IPs and successfully print, with or without drivers. I don't understand how this works (again, networking novice). It's as if there is limited connectivity happening between domain and client. Google searching has driven me to the edge multiple times, because there are so many variants on what seems to be a very similar issue regarding Active Directory to Windows ".local" domain connectivity.

Also, for reference, I don't want to use the "mobile account at login" option given in Advanced Options in Active Directory. We don't need this feature - our staff using the laptops need as little complication as possible during the day. I did enable the option once today to see if it magically solved anything, but of course it didn't.

Anyone know anything about this? Is this me or is this Lion's fault, as so many seem to be claiming?

Discussion is locked

- Collapse -
Clarification Request
Do those Macs have an account on the domain?
Jun 28, 2012 9:59PM PDT

There used to be a piece of software called ADmitMac but I'm not sure if it is still relevant for Lion.


P

- Collapse -
Mac account info
Jun 29, 2012 6:01AM PDT

I'm not sure that with my level of experience if I completely grasp your question. Do I need to add the Air to some kind of authenticated list on the domain side or give it certain permissions once I've bound the Air to the domain?

- Collapse -
Answer
One more thing...
Jun 28, 2012 9:47AM PDT

If I go to Directory Editor in Lion and then select the Directory Editor, I am also able to see everything listed here, including printers and computers and users, etcetera. Not sure if this is significant.

- Collapse -
Answer
"didn't realize those using Macs weren't on the domain"
Jun 28, 2012 11:35AM PDT

Are they still off the domain? Why would a server allow folk or machines that are not on the domain to use files, printers and more?

Think about that.
Bob

- Collapse -
About the domain
Jun 29, 2012 5:18AM PDT

I've only tried adding this one Air to the domain, but yes, it shows up in the list/is (supposedly) on the domain now ...I was just mentioning how rather than just adding printers via IP address alone, I wanted it (and eventually all of the Macs we have) added to the domain to be able to access everything like everyone else. I say "supposedly" added because I can't connect to it from any administrative Windows computer/account, nor can the Air connect to anything on the domain, but it can see all of it.

- Collapse -
Now we get to talk about what this connect to i is.
Jun 29, 2012 5:54AM PDT

For example I find some newer admins to struggle trying to connect to a machine (PC, apple, does not matter here) when the machine has nothing shared or is firewalled. An Apple has nothing to say or share in its stock setup. That's the right way to run this show since sharing a folder on a machine is an attack vector so starting with no shares is a great idea.
Bob

- Collapse -
And now I have to ask. Did you read Apple's document? link.
Jun 29, 2012 6:09AM PDT