This article is also available as a PDF download.

Macintosh systems are again appearing on business networks.
Unlike older Macintosh operating systems, when complex AppleTalk configuration
and additional Windows network services may have had to be installed, adding
Apple Macintosh OS X systems to Windows networks is fairly straightforward.

Still, a few catches remain, and configuring Windows domain
or even workgroup membership often requires some fundamental tweaks. Here are
10 key aspects of connecting Macintosh OS X systems to Windows networks.

#1: Windows Sharing must be enabled on the Mac

When adding Macintosh OS X systems to Windows networks,
Windows Sharing must be enabled on the Macintosh PCs. Otherwise, Windows
systems will be unable to access resources hosted on the Macintosh systems.

To enable Windows Sharing on a Macintosh, open System
Preferences and select Sharing from within the Internet & Network section. Then,
select the Windows Sharing check box, as shown in Figure A.

Figure A

When you enable Windows Sharing on the Macintosh, OS X reveals that Windows
users can access the Mac at the IP address listed.

#2: The Mac’s default workgroup name may require changing

If you’re connecting Macintosh OS X computers to a Windows
workgroup, there’s a chance the two won’t play well together. The reason is that
Windows systems sometimes feature different workgroup names. For example, many
Windows systems default to using the MSHome or
Workgroup workgroup name. Often, the default
workgroups are changed by administrators, too, thus requiring changes to
Apple’s default workgroup name.

To configure a Macintosh OS X system’s workgroup name to
match Windows’, navigate to the Applications folder within the Mac’s Finder,
open the Utilities folder, and double-click Directory Access. Click the lock
and supply the Mac’s Administrator password to enable changes. Select the
SMB/CIFS entry (Figure B) and click
the Configure button. In the resulting Directory Access window, supply the
workgroup name you want the Macintosh system to use and click OK.

Figure B

The SMB/CIFS entry is used to configure workgroup names on Mac OS X
systems.

#3: Windows user accounts must be created on the Mac

Before users can get to the resources on the
Macintosh, you need to create local accounts for them on the system possessing those
resources. To create accounts for Windows users on the Macintosh,
open System Preferences on the Apple system and click Accounts from within the
System section.

Again, you’ll need to click on the lock and provide an
Administrator name and password to enable changes. Once you’ve supplied the
appropriate credentials, click the plus sign to create new user accounts.
Windows users will need to enter these usernames and corresponding passwords (as
described in the next item) to access resources on the Macintosh PC.

#4: Mac resources can be accessed using multiple methods

Once a Macintosh system is configured to share resources and
the appropriate user accounts have been created, Windows users can access the
Mac’s resources. Several methods are available.

Windows users can try using the Add A Network Place Wizard
(reached by clicking Add A Network
Place
from the Network Tasks pane within My
Network Places). Often, a better method that works with great consistency is to
open My Network Places, Windows Explorer, or Internet Explorer and type the
Apple’s IP address followed by a valid user account.

Use the following format to connect to an Apple system
possessing an IP address of 10.0.0.2 using the Administrator user account:

\\10.0.0.2\Administrator

The Mac will prompt the Windows user for a valid account
username and password. Once supplied, the Macintosh’s shared resources will
appear within the Windows window.

#5: The Mac’s Print & Fax applet enables printing to Windows-hosted printers

Use the Apple’s Print & Fax console (Figure C) to configure Macintosh
systems to share their printers with Windows PCs. The Print & Fax menu is
housed within the Mac’s System Preferences (beneath Hardware) application.

Figure C

Sharing Mac printers is relatively straightforward; just select the check boxes
for the printers you wish to share.

To enable Windows users to print to a printer installed on
the Macintosh system, simply click the Sharing button and select the check
boxes for the printers you want to share. You can also enable Windows users to
send faxes through the Macintosh by clicking the Let Others Send Faxes Through
This Computer check box.

Although you’ll usually still need to load the respective
print drivers on the Windows systems, triggering these shares opens the
communications pathways to enable printing between the two operating systems.

#6: File Services For Macintosh must be installed on SBS servers when OS 9 is
present

When moving to Windows Small Business Server-powered domain
environments, administration becomes a little more complicated. Configuration
is especially complicated when pre-OS X operating systems are still in use.

If Apple’s OS 9 systems must be supported, File Services For
Macintosh should be enabled on the Small Business Server. Open Add/Remove
Windows Components within Control Panel and enable File Services For Macintosh
from within Other Network File And Print Services (by clicking the Details button).

#7: File Services For Macintosh requires the Microsoft UAM

To connect using File Services For Macintosh, Microsoft’s
User Authentication Module, known as the UAM, must be installed on each Apple
system. Administrators of both OS 9 and OS X systems can obtain the UAM by
downloading it from Microsoft’s
Web site.

OS X administrators can install the UAM using the
accompanying .pkg installer. OS 9 administrators,
meanwhile, must copy the MS UAM 5.0 file from the subsequent (upon download) MSUAM_for_Classic folder to the AppleShare folder within
the Mac’s System Folder.

#8: File Services For Macintosh requires re-creating Windows shares

Enabling File Services For Macintosh requires that existing
Windows shares be re-created. Windows administrators can use the Windows Manage
application to access Shared Folders and re-create the shares. Existing folders
or data need not be re-created.

When re-creating the shares for use by Macintosh clients, use
the Share A Folder Wizard, which is triggered by right-clicking Shares (within
the Shared Folders console) and clicking New Share. Be sure to select the Apple
Macintosh Users check box on the Name, Description, and Settings screen (Figure D) for each share you re-create.
Then, finish the Share A Folder Wizard by assigning appropriate permissions to
the share.

Figure D

When recreating shares, select the Apple Macintosh Users check box and
enter a name for the new share.

#9:
OS X 10.3 and later can join SBS networks using Samba

An alternative, and simplified, connection method is available if
only Macintosh OS X 10.3 and newer systems are joining the Windows server
domain. In such cases, you can leverage native Windows SMB connection methods
to access Windows resources using Apple PCs.

However, before you can use Samba–which typically provides
faster network performance than File Services For Macintosh–to connect Macs to
a Windows SBS 2003 box, you must change the server’s Default Domain Policy.
Specifically, you’ll need to adjust SMB signing policies.

The requirement can be met by creating a new GPO (as opposed
to editing the Default Domain Policy). The new GPO must disable the Microsoft
Network Server: Digitally Sign Communications (Always) setting. Once you’ve
created the new GPO disabling SMB signing, don’t forget to apply it by opening a
command window and entering gpupdate /force.

#10: SBS .local domains may require DNS updates on the Mac

Because older (OS X 10.3 and earlier) Apple OS X operating
systems encounter DNS issues when deployed on SBS domains possessing a .local
internal domain name, systems using OS X 10.3 and earlier must make extensive
DNS changes to leverage Samba. Older Mac operating systems use Apple’s
Rendezvous, which makes use of multicast DNS services within its own .local
internal domain. Hence the conflict.

Instead of configuring new DNS settings on each of the
Macintosh systems and enabling separate unicast resolution for each, the most
expedient solution is probably to upgrade to OS 10.4 (if only a few Macs are in
use) or drop back to using File Services For Macintosh (if numerous Macs are in
use and no network latency issues result).