For a school project I am attempting to set up a Windows 2003 Server and add a mac client running OS X(10.3.9). Can anyone lend me a hand as to where I start? Ive heard that macs have problems logging into a Windows 2003 domain. Also what needs to be modified on the server so that there are no problems? Any feed back will help a lot. Gracias
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Trying to add a mac client to a windows server, need help
- Thread starter mbeserra
- Start date
- Sort by reaction score
I've done this many times where I used to work.
It is possible and does work well after you get it working the first time.
Here is what to do:
1. Get everything working properly on the Windows side first. Its kinda handy to have 2 PCs. One to install Windows Server 2003 on, and the other to test the login setups, etc... If the login doesn't work on the second Windows PC, then it certainly isn't going to work on the Mac side.
2. Take note of the Administrator password and the server computer name as you'll need this when you bind Active Directory to your Mac.
Now on the Mac, do this: (Make sure you're logged in as an administrator account)
1. Go to Directory Access (Applications/Utilities).
2. Click on the padlock in the lower left to unlock the settings. (You'll need your Mac administrator username/password.
3. Check the box next to Active Directory (if it isn't already checked)
4. With Active Directory highlighted, click on the Configure button near the bottom center. A sheet will pop down.
5. Under Active Directory Domain: put in the name of your domain. (ex. terabyte.com)
6. Under the Computer ID: put in the name you want your Mac to display as in the Computers portion of Active Directory. (ex. iMac G5) DO NOT USE THE NAME OF YOUR WINDOWS SERVER!!!! This will create SERIOUS problems as you'll have two computers on the network with the same name and will take your server offline.
7. Click on the Bind button.
8. It might ask to authenticate (the OS X authentication). Use your Mac username and password. The username will probably already be filled in.
9. You should now have a box that says something like Network Administrator Required. Under that should be Username, Password, and Computer OU (Organizational Unit). For the username, put in the administrator of the Windows server (ex. administrator). For the password, put in the administrator password for the administrator account.
10. Click OK. It should go through roughly 5 steps and then you should be binded with Active Directory. Were not done yet....
11. Click Ok and you should be back to Directory Access window.
12. Click on the Authentication Tab.
13. Under the Search Pull Down Menu, select Custom Path.
14. Click the Add button.
15. There should be /BSD/local and the newly binded Active Directory path. Select the new Active Directory Path and then click the add button.
16. Now click on the Contacts Tab.
17. Under the search pull down menu, select Custom Path and do as you did in the step before by selecting the Active Directory path and click Add.
18. Click the apply button. You should now be able to log in as a registered user in a Windows Server environment.
BTW... if you have an Administrator account in OS X called Administrator and you try to login as Administrator on the Windows Server it will default to the Mac OS X administrator account. To get around this, I renamed the OS X administrator Account to Sys Admin and then you can login as Administrator on the Windows Server.
If you have auto-login turned on, you'll need to turn that off on the Mac side. If you have the users names and pictures displayed at the login screen in OS X, a username called Other should appear in the list. Click that and there you can log into the Windows Server as a Windows User.
If you have any questions or problems along the way, private message me, or email me at mklos1@mac.com.
It is possible and does work well after you get it working the first time.
Here is what to do:
1. Get everything working properly on the Windows side first. Its kinda handy to have 2 PCs. One to install Windows Server 2003 on, and the other to test the login setups, etc... If the login doesn't work on the second Windows PC, then it certainly isn't going to work on the Mac side.
2. Take note of the Administrator password and the server computer name as you'll need this when you bind Active Directory to your Mac.
Now on the Mac, do this: (Make sure you're logged in as an administrator account)
1. Go to Directory Access (Applications/Utilities).
2. Click on the padlock in the lower left to unlock the settings. (You'll need your Mac administrator username/password.
3. Check the box next to Active Directory (if it isn't already checked)
4. With Active Directory highlighted, click on the Configure button near the bottom center. A sheet will pop down.
5. Under Active Directory Domain: put in the name of your domain. (ex. terabyte.com)
6. Under the Computer ID: put in the name you want your Mac to display as in the Computers portion of Active Directory. (ex. iMac G5) DO NOT USE THE NAME OF YOUR WINDOWS SERVER!!!! This will create SERIOUS problems as you'll have two computers on the network with the same name and will take your server offline.
7. Click on the Bind button.
8. It might ask to authenticate (the OS X authentication). Use your Mac username and password. The username will probably already be filled in.
9. You should now have a box that says something like Network Administrator Required. Under that should be Username, Password, and Computer OU (Organizational Unit). For the username, put in the administrator of the Windows server (ex. administrator). For the password, put in the administrator password for the administrator account.
10. Click OK. It should go through roughly 5 steps and then you should be binded with Active Directory. Were not done yet....
11. Click Ok and you should be back to Directory Access window.
12. Click on the Authentication Tab.
13. Under the Search Pull Down Menu, select Custom Path.
14. Click the Add button.
15. There should be /BSD/local and the newly binded Active Directory path. Select the new Active Directory Path and then click the add button.
16. Now click on the Contacts Tab.
17. Under the search pull down menu, select Custom Path and do as you did in the step before by selecting the Active Directory path and click Add.
18. Click the apply button. You should now be able to log in as a registered user in a Windows Server environment.
BTW... if you have an Administrator account in OS X called Administrator and you try to login as Administrator on the Windows Server it will default to the Mac OS X administrator account. To get around this, I renamed the OS X administrator Account to Sys Admin and then you can login as Administrator on the Windows Server.
If you have auto-login turned on, you'll need to turn that off on the Mac side. If you have the users names and pictures displayed at the login screen in OS X, a username called Other should appear in the list. Click that and there you can log into the Windows Server as a Windows User.
If you have any questions or problems along the way, private message me, or email me at mklos1@mac.com.
If you get any error messages after following Mklos's instructions, then go to the server and login as administrator and do the following.
For the Mac to log in you may need to disable Digitally
Sign Communications
To change this on a given domain controller, go to "Start" ->"Administrative Tools" -> "Domain Controller Policy" (not Domain Policy) and look for "Security Settings" -> "Local Policies" -> "Security Options" -> "Microsoft network server: Digitally sign communications (always)". It should show "Enabled" by default. Double-click on it and set to "Disabled". Then close the app and reboot the server. When it comes back up, the Macs should connect without difficulty.
For the Mac to log in you may need to disable Digitally
Sign Communications
To change this on a given domain controller, go to "Start" ->"Administrative Tools" -> "Domain Controller Policy" (not Domain Policy) and look for "Security Settings" -> "Local Policies" -> "Security Options" -> "Microsoft network server: Digitally sign communications (always)". It should show "Enabled" by default. Double-click on it and set to "Disabled". Then close the app and reboot the server. When it comes back up, the Macs should connect without difficulty.