10.4 Accessing Shares on a Windows 2003 Server

[cameranerd74]

Just curious if anyone has tried this yet. I set up several 10.3 boxes to access shares on a Windows Server 2003 box a while back. I set up the shares on the server normally, and installed the Microsoft UAM for Mac on the Macs. No other configuration was needed.

I was just wondering if anyone has done this with Tiger. Is the built-in SMB/CIFS sharing in Tiger a lot better, or do you still need the UAM? Thanks.

[Raven]

In Tiger you sould be able to simply use Connect to Server in the Go menu of the finder, type in smb://address.of.the.server/pathtoshare
You will get a user name and password prompt (if those are not the same as the credentials the user uses to logon to the local computer). He may have to specify the domain as well.
Its even realy easy to setup a small script to automate this so that the server shares auto-mount at startup.

A side note: If you are using DFS on the 2003 server, you need to use the original NTFS path name as DFS is only staing to be supported with the latest installment of Samba which is not the one used on Tiger (crossing fingers for this to be done in upcoming updates)

Hope I answered some of your questions. Feel fre though to ask more !

[cameranerd74]

So you're saying that you don't need to install the MS UAM in 10.4.X and you don't need to make any changes on the 2003 box? It just works out of the box.

Cool. They must have improved this since 10.3.X.

[Raven]

Personnaly I did not even have issues with 10.3 either via Samba... I also had good success, except when it comes to limiting user access to the machine with AD binding on both Panther and Tiger.

[macgilly]

Quote: Originally Posted by Raven Hope I answered some of your questions. Feel fre though to ask more !

Ok going to take your word for it...

I am a recent switcher to mac. At home I have been happily using a Mac Mini for all my work related stuff and some WoW Playing. I plan to upgrade soon to a well deserved PowerMac Dual 2.0.

Currently at work, I have Windows SBS 2003 we have over 20 PC's (laptops and desktops) hooked to it. When my boss asked me what type of PC I wanted for work, I told him to get me a Macmini, because they were cheaper and i knew i could connect it to the domain. I also have been so happy with the one at home where i connect to my other Windows PC that i figured if I could use it at home for work there, I could use it at work.

I am the IT Manager there... so he got it for me. I am starting my way through Mac know-how, so that is why I am looking for help and guidance, hopefully to learn more of this platform.

Now... When I go to Go on the Macmini, and I pick connect to server (i have the macmini connected to the workgroup at the office) and I click on the machine I want to connect to (this case the server), it shows a little connect button. When I click connect in the server "office" i get a dialog that asks for my account info, so i type: Administrator and my password, then another dialog pops up and says:

The current alias for Office (office is the name of the main server) is not working. It gives me then three options: OK, Fix Alias or Delete Alias.

If I click on OK it does nothing. Fix alias takes me to pick a new alias for Office but the network options are greyed out. Delete Alias lets me delete the alias Office but it gives me an error that i dont have sufficient priviledges.

I need to be able to see my Server from the mac, be able to access some shared folders on the server and I need to connect my entourage to Exchange.

Could you give me some insights on what you did to connect to your Windows SBS?? DO you know a good website or book I can read? I really want to learn how to do this properly because my boss is liking how macs work and i know i have the possibility to turn around most of the office into using macs. But if i cannot connect my own Mac to the server i guess it wont happen.

Hope you can help or put me on the way of a good direction. I really want to learn how to have Macs and Windows co-exist and be productive in a network environment.

also I found by looking around and poking in my mac, that in the same place you find the SMB/CIFS there is an option to configure a Domain just like in Windows for the Active Directory thing in Windows 2003 Server. Can you explain more in depth how does that work? I tried using that to configure the macmini into the Domain but I have not had such good luck with it.

Thanks in Advanced!

Gilbert

[Raven]

I don't think changing the domain alone will make a difference.
What I would personally recommend is to have a script that runs at startup and auto-mounts the drives you wish to connect to sot hey are available on the desktop when you login. This can be done with AppleScript if you are interested.

[cameranerd74]

Just for follow up... it worked flawlessly with Tiger. SMB://Server_Name connected me right to the server and let me choose the share I needed. No additional software was needed on either end. I wonder why I had problems when I did this exact same thing on 10.3?

In any case... it works great. Thanks.

[macgilly]

Quote: Originally Posted by Raven I don't think changing the domain alone will make a difference. What I would personally recommend is to have a script that runs at startup and auto-mounts the drives you wish to connect to sot hey are available on the desktop when you login. This can be done with AppleScript if you are interested.

Can you show me how to do it?? I know as much applescript as you know of penguin anatomy...



Gilbert

[Raven]

Well first off, To make sure you have the proper info:

1. In the Go menu click onConnect to Server
2. Type in smb://ip.of.the.server
3. Click ok
4. When prompted for user name and password, type in the proper domain at the top, then the user name and apssword to login
5. It should bring up a drop down menu with the list of the shares you can connect to
6. Make sure you can do a succesfull connection and mount the volume

Now for the script:

1. Open Script Editor
2. In the new document, type in the following:
Tell application "Finder"

Code:

try

mount volume "smb://domain;username:password@ip.of.the.server/pathtoshare
on error

display dialog "There was an error mounting the server drive" buttons {"Cancel"} default button 1

end try

end tell

All parts in italic need to be replaced by your info. The error dialog section is not mandatory at all.

3. Compile the script
4. Save it a s a script first so you have a backup
5. Go to the File menu and click on Save as
6. Choose to save it as an application, check Run Only, uncheck StartupScreen and Stay Open and thensave it
7. Its now a double clickable app that will mount that drive - test it out
8. If it works, simply add it to your startup items in the Accoutns System Pref pane

To add more mounts to your script, simply add other "try" to "end try" sections after that one.
If your not sure, post your script back here, obviously taking out your username, password server Ip and such delciate info.

[DrianClang]

I'm having a problem and I'm following this thread as a guide to figure out my problem.

I tried the whole smb://nameofserver thing, and when it prompted me for my user name and password, it said I typed my password wrong or my user name was incorrect. Ok, obviously I wasn't typing in my stuff wrong, plus I tried as administrator too. So what's the issue?

[hayne]

Quote: Originally Posted by DrianClang I tried the whole smb://nameofserver thing, and when it prompted me for my user name and password, it said I typed my password wrong or my user name was incorrect. Ok, obviously I wasn't typing in my stuff wrong, plus I tried as administrator too. So what's the issue?

I recall reading about problems relating to the encryption, or lack thereof, of the password being sent to the server. There was an incompatibility between what OS X was sending and what Windows server was expecting. It depends on what versions of each you have and how SMB is set up on Windows.
See the various articles on the main macosxhints site for discussion of this and how to fix it.

[macgilly]

Quote: Originally Posted by Raven If your not sure, post your script back here, obviously taking out your username, password server Ip and such delciate info.

I made some modifications on the script (i learn quickly ), going to put it here so everone can see:

Code:

tell application "Finder"
	try
		mount volume "smb://yadayada@office/OFFICE DATA"
		mount volume "smb://yadayada@office/BIBLIOTECA"
		
	on error
		display dialog "There was an error mounting the Volume." & return & return & ¬
			"The server may be unavailable at this time." & return & return & ¬
			"Please inform the Network Administrator if the problem continues." buttons {"Okay"} default button 1
		
	end try
end tell

When I tried this I even had some problems with Windows 2003 Server. So i dug up some dirt on the boy and found I had to do some extra dirt work on Windows 2003:

Windows Server 2003 Authentication (or how MS doesntlike to play nice with others)

By default Windows Server 2003 will try to encrypt everything sent to and from it. With this enabled you will not be able to log in to the share from your Mac.

To fix this there are a couple of options. If yourserver is nothing more than a file server and Domain Controller Server.

fileserver

In this case open up regedit (Start > Run > "Regedit" {return}) and do the following:

HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ LanManServer \ Parameter \

Then double click on RequireSecuritySignature and set its value to "0" {zero}.

Domain Controller

If your server is also a domain controller, you need to open the Domain Controller Security Policy option from Administrator Tools (Administrative Tools > Domain Controller Security Policy) once there, navigate to Local Policies > Security Options and disable the following two options:

"Microsoft network server: Digitally sign communications (always)" & "Microsoft network server: Digitally sign communications (if client agrees)"

Rebot your server, and you should be good to go.

This is what i did and now everything works perfect.

Now i am breaking my head with Exchange and Entourage.... sigh.. :P

Gilbert

[Raven]

Hum... Had completely forgot about this Windows server issue cause we disabled it a long time ago.
As for exchange and entourage it should work pretty well. Note that you may have to put in the OWA address as the server name instead of the MAPI address as Entourage is not a MAPI client, but a mix of WebDaV and IMAP.

[macgilly]

Quote: Originally Posted by Raven Hum... Had completely forgot about this Windows server issue cause we disabled it a long time ago. As for exchange and entourage it should work pretty well. Note that you may have to put in the OWA address as the server name instead of the MAPI address as Entourage is not a MAPI client, but a mix of WebDaV and IMAP.

well i guess i am screwed i dont know why the OWA is not working properly... sigh...

when i putthe owa addy in entourage i get an error that its not working properly...

[Raven]

Can you even get to the OWA page in a browser ? Can you login to it ?

[macgilly]

Quote: Originally Posted by Raven Can you even get to the OWA page in a browser ? Can you login to it ?

No... thats the weird thing. Ever since i opened the service so that people could log in from the outside, the service of OWA and remote access is down.

have been breaking my head with it lately....

[jimbobt]

Is the correct alias in Dns? ie nslookup
>staffmail.domain.ac.uk


There should be a entry with a ip address?

[jake27]

I know this thread was started months ago but it applies to a network I manage now. Is there any way to have a mac connect to a Win2k3 server share by just typing in the IP address 192.168.x.x INSTEAD of the smb://192.168.x.x entry?

Someone has told me that it should be able to work and that it will prevent unix-based files from showing up in the share directory which happens when creating connections via smb. I have always just used smb://ipaddress

[kayote]

On a very similar topic, I'm looking for the command line equivelent of Go->Connect to Server->smb://server->select volume.

I'm adding 10.4.7 machines to an AD domain and want them to mount volumes on a Windows 2003 server on login.

It works fine from the Go menu on Finder. No passwords required (having already authenticated to AD).

I want it to do this automatically on login for any user, without them having to set anything up.

I've been trying to do it with mount, but it's not working.

"mount IP:/Volume mountpoint" produces: "mount_nfs: can't access <volume>: No such file or directory"

"mount smb://IP/Volume mountpoint" or "mount smb://IP:/Volume mounpoint" produces "mount_nfs: can't get net id for host" (? I gave it an IP!)

[wizochelle]

hi all, my first post here.

i am researching how to integrate macs into our windows 2003 network; all of the info I have read here has been very useful.

I have configured directory access on tiger and i have logged in successfully. but i do not see my home folder.

we do not share folders, users get access to folders based on permissions. so that we have: //server/users/users/username (that is where each user folder is located)
when i connect from tiger, all i get is:
//server/users even thought i enter all path.
we have a script running from the DC that gives shares to pc users according to permissions.
i would like to do something similar but i am not concerned is it is not exactly the same. since they are not part of the domain right now, they have never been able to have shared folders in the server.

a typical pc user gets: their personal drive/folder (my docs), a group drive (according to the group they belong to), and a public drive that the entire organization shares.

what i would like for the mac users:
at the very least: the public drive, if possible their personal drive.
the script we have checks the username and creates the drive based in the username. I wouldn't mind if I have to manually create the folder on the server, since there are few mac users.
any ideas? do you need more info?
thanks in advance for your time and for helping this newbie