I decided to see if I could troubleshoot my problems with my new MacBook Pro and my Windows Domain. To review the bidding, it thinks it is logged on to (bound to) the Domain, as indicated by the green dot. On the server, Active Directory has the computer listed. But when I try to look at files on servers that are part of the Domain, I am forced to reenter my credentials, which means the servers don’t recognize me as being a domain user authorized to access the data.
For my first test, I thought I’d try to make things work in reverse. By that I mean letting me use resources on the MacBook from a workstation on the domain without reentering my credentials. I went into the Users part of System Preferences, clicked on the radio button to allow access, and went into the screen where I could pick the users that were OK to access the MacBook. I was pleased to see all the domain users in the pull-down menu. This means that the MacBook is sufficiently on the domain to pull the user list from the server.
So far so good. I walked over to a workstation, opened a network browser, and looked for LadyEdith. Not there. I typed “\\LadyEdith\” into the search text box. I got this:
Maybe that’s because I have no Public folders. I created a folder on the desktop called Public, shared it, and gave “Everyone” read and write access. No dice. I pinged the Mac just to make sure I had basic connectivity. No response, although the local DNS converted the Mac computer name to the right IP address.
I went over to the Mac and tried the ping in the reverse direction. That worked fine, but I noticed something funny. On the bash command line, the Mac was identifying itself as “tompkins” which was the name that it had supplied when I first tried to configure the AD connection.
I thought I’d fixed that, but at least part of the Mac still had the old name. I rebooted. No change. I checked a couple of other places that displayed the computer name, and LadyEdith was there in both.
Apple says you can log on to a Windows Domain using any one of three formats:
- shortname
- shortname@domain.com
- DOMAIN\shortname
That’s not true for me; only the shortname format works.
And why won’t the Mac respond to pings? Is it turned off by default for security purposes? Is it turned off by Norton? I checked Norton first, by turning off the port blocking entirely. Now I could ping the Mac. I found a less Draconian way of dealing with the problem and implemented it. It is strange that the Norton defaults are so different on the Mac and the PC.
Would this make a difference to the domain access? The answer was yes, as far as accessing domain resources from the Mac. Unfortunately, I can’t browse the Mac from the domain. Could that be a Norton issue as well? I need to poke around. It’s a struggle with the Mac version of Norton; it seems to be less configurable.
Not a bad hour or so. I’d love to know why the bash prompt has “tompkins” in it. [Hey, I found how to change the hostname: at the terminal prompt, type this: sudo scutil --set HostName [new hostname goes here, leave out the brackets] Then restart Terminal. ]
Leave a Reply