Set Windows Server 2003 to allow Mac connections

Mar 08, '05 09:02:00AM

Contributed by: Anonymous

Microsoft Windows Server has a some vaguely-worded options which must be disabled to allow OS X's Samba to connect. I never did fix the "name or password is incorrect" error connecting via Samba to my Windows 2000 Server install, so I always passed data back and forth using an XP machine. Seeking to end that kluge with my new Windows 2003 Server install, I hacked everything I could find on the OS X side to no avail. I finally gave up and turned to the Domain Server for salvation. Eventually, I found the right settings:

Start -> All Programs -> Administrative Tools -> Domain Controller Security Policy. You can ignore any errors about truncated strings ... gotta love one-button alerts. Then navigate into Local Policies: Security Options, and set the following:

Now, if you want the Server to be able to connect to the Macs on the network, or any Samba server (I think), set the following in the same Local Policies: Security Options area: And finally, if you want the domain's Windows boxes to be able to connect to the Mac/Samba, set the following: I suppose these same policies are found in a similar location in Windows 2000 Server, but I'm not going to reinistall it just to know. Why all of this was so hard to find and/or figure out, I don't know -- it seems pretty simple once I collected it all from about 10 different places.

Warning: This hint lowers your network's security a bit, use at your own risk.

[robg adds: I can't test this one, nor can I vouch for the impact it has on security. If anyone has any comments one way or the other, please add them. And yes, I know it's not really an OS X hint, but it's a hint to help OS X machines in a Windows-server world...]

Comments (24)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20050302023720578