Connecting a Macintosh to an SBS 2003 Server via SMB (2007)By
This document provides instructions for connecting a Macintosh running Mac OS X 10.4 to an SBS 2003 server. This document was prepared using Mac OS X 10.4.10, but should apply to any later updates to 10.4. This document makes several assumptions:
- The SBS server is a healthy setup and is configured according to best practices (DHCP running on the server, private IP address range on the internal network, etc.).
- The Macintosh has been updated with the latest available security patches from Apple.
Note: Before you start, make sure the local user name on the Macintosh does not match the Active Directory login name that will be used to access resources on the SBS network. This includes both the long name and the short name for the local Macintosh account. If the local Mac account for Jane Dough has a long name of “Jane Dough” and a short name of “jane” and the Active Directory account for the user is “jane,” you will not be able to authenticate to active directory properly. See “ Outstanding Macintosh Connectivity Issues” for more details.
Phase 1 â€“ Network Configuration
- Open the System Preferences either by selecting the System Preferences icon in the Dock or by selecting System Preferences from the Apple menu.
- Click the Network icon under Internet & Network.
- Confirm that the Macintosh has an active network connection in Network Status. Double-click on the active network adapter.
- Confirm that the network settings provided by the DHCP server are correct. The DNS Servers field will be empty and should remain that way (the DHCP server provides the DNS server entries and those are not displayed in the interface).
- Turn off IPv6 by clicking on the Configure IPv6 button and selecting Off from the available options.
- Enter the internal domain name in the Search Domains field. If the internal domain is .local, no other configuration is necessary in Mac OS 10.4.
- Click Apply Now, then close the Network panel.
- Open the hard drive and open the Applications folder by selecting the Applications icon in the navigation tree.
- Open the Utilities folder in the Applications folder.
- Open the Terminal application in the Utilities folder.
- Ping the SBS server by fully-qualified domain name (i.e., servername.domainname.local) to confirm proper DNS lookup for the FQDN. [Note: you will need to press Control-C to stop the ping process in the Terminal window.]
- Ping the SBS server by NetBIOS name (i.e., servername) to confirm proper DNS lookup for the nodename.
- Quit the Terminal application after confirming proper DNS lookup. At this point, you should have the correct network settings needed to communicate with the SBS server via DNS and IP.
Phase 2 â€“ Active Directory Configuration
- Open the Directory Access application in the Utilities folder.
- Click the lock in the lower left corner of the Directory Access window to make changes to the configuration.
- Enter the password for the local Macintosh account to open the Directory Access settings.
- Select SMB/CIFS from the list and click Configure.
- Enter the NetBIOS domain name for the Workgroup (i.e., domainname instead of domainname.local) and the internal IP address of the SBS server as the WINS server, then click OK.
- Turn on the checkbox for Active Directory.
- With Active Directory selected, click Configure.
- Click the Show Advanced Options arrow to display the full set of options.
- Enter the internal domain name (i.e., domainname.local) in the Active Directory Domain field.
- Turn on the Create mobile account at login checkbox.
- Turn off the Use UNC path from Active Directory to derive network home location checkbox.
- Click the Administrative tab.
- Turn on the Prefer this domain server checkbox and enter the fully-qualified domain name of the server (i.e., servername.domainname.local).
- Turn on the Allow administration by checkbox.
- Change the name of the Macintosh in the Computer ID field if necessary (the default name of the Macintosh may be too long).
- Click Bind to join the Macintosh to Active Directory.
- When prompted, enter the domain administrator username and password. Note the default location of the Macintosh object will be in the Computers container of Active Directory. This location is fine and can be modified later in Active Directory.
- Click OK and the Macintosh will join the domain.
- When the domain join completes, quit the Directory Access application.
- Open the System Preferences and select the Accounts icon under System.
- Click the lock in the lower left hand corner of the Accounts panel to make changes. Make note of the Short Name of the default Macintosh account in the Accounts page. [Note: If this short name is the same as the Active Directory username, you will not be able to log in to Active Directory.]
- When the Accounts panel is unlocked, click the Login Options icon.
- Turn off the Automatically log in as checkbox.
- Close the Accounts panel.
- Reboot the Macintosh. When the Macintosh comes up, you will see an icon for the default account in the login pane. Wait until another icon named â€œOtherâ€ appears to get the Active Directory login.
- Click the Other icon when it appears and enter the Active Directory login information as domainname\username.
- When prompted to create a portable home directory, click Yes.
- Open System Preferences and select the Accounts icon under System.
- Note the Active Directory account now appears under My Account. Click the lock to make changes.
- When prompted for an administratorâ€™s name and password, enter the Short Name of the default Macintosh account that you noted earlier and the password for that account.
- Turn on the Allow user to administer this computer checkbox.
- Close System Preferences and log out.
- Log back in using Active Directory credentials and now you will have full access to the Macintosh.
Phase 3 â€“ Accessing Server Resources
- From the Finder, select the Go menu and select Connect to Server.
- In the Connect to Server window, enter smb://servername and click Connect to get a list of shares from the server.
- You may get an error saying the computer could not connect to the server because the username or password is not correct. This is either because SMB signing has not been disabled on the server or because Windows Server 2003 SP2 has been installed and the scalable networking options have not been disabled. To learn how to disable SMB signing on the SBS server, see How to Disable SMB Signing in SBS 2003. To disable the scalable networking additions of Service Pack 2, see KB 936594 and follow Step 4 in this post from the SBS blog.
- If communication is set properly on the SBS server, you will see a list of available shares. Select the desired share and click OK.
- Once you select the share, the share will open a new window on the desktop. It will also appear as a volume in the navigation tree.
- In the Connect to Server window, you can also specify the full path to a share (i.e., smb://servername/users) and you can save paths on the network to the favorites list by clicking the plus sign next to the server address when you have the path entered correctly.
Automounting network shares on a Macintosh at logon time:
http://www.smallbizserver.net/Articles/tabid/266/articleType/ArticleView/articleId/97/Automounting-SMB-Shares-on-a-Macintosh.aspxÂ (with screen shots)
http://simultaneouspancakes.com/Lessons/2005/11/27/automounting-sbs-shares-on-a-macintosh/Â (text only)
The Alternative to RWW for the Macintosh:
A version of this document with screen shots will be available at smallbizserver.net.