Wintivity ™

What to do if .local has been used in Windows Network as the first level domain name of the Internal domain and you are deploying in an “Apple Mac centric” network with older Mac’s in the environment?

To help Mac DNS resolve .local Please read KB836413 - You receive an “unexpected error occurred” error message when you try to access resources on a Windows-based network from your Macintosh computer

content of KB Article

• .local Preferences adjustment: http://support.apple.com/kb/HT2385?viewlocale=en_US
• Updating Mac OSX: http://support.apple.com/kb/HT1338?viewlocale=en_US
• Apple Support: http://www.apple.com/support/

File Systems tools for interoperability between Windows, Apple Macintosh, and Linux

Useful free tools (and good reading) for use in a heterogeneous [ Windows / Mac / Linux ] File System environment

Windows File System tools serving Mac

Services For Macintosh (SFM)

SFM was an effort by Microsoft supporting Mac integration into the Windows Network. SFM is available in Windows 2000 Server and Windows 2003 Server (but has been dropped from Windows 2008 Server). Services For Mac includes these three key Server services:

• File Server for Mac - checklist
• Print Server for Mac - checklist
• AppleTalk networking and routing - checklist

File Server for Mac - KB147438

File Server for Macintosh (FSM), which is part of SFM, allows Windows and Macintosh clients to create and open files on the same share by presenting the files to the clients with the naming conventions used by their operating systems.

Macintosh and Windows Server Integration - TechFAQ

The folks at TechFAQ have written an excellent article on Mac and Windows Server Integration. The article includes detail walkthroughs about activiting and administering verious Services For Macintosh features.

Also, here are genrally helpful tips on Performance Tuning Guidelines for Microsoft Services for Network File System

File System Tools from the Open Source Community

NTFS-3G

An NTFS driver for Mac OS X and Linux is NTFS-3G - ( also read the NTFS-3G FAQ )

The NTFS-3G driver is a freely and commercially available and supported read/write NTFS driver for Linux, FreeBSD, Mac OS X, NetBSD, Solaris, Haiku, and other operating systems. It provides safe and fast handling of the Windows XP, Windows Server 2003, Windows 2000 and Windows Vista file systems. POSIX file system operations are supported, and full file ownership and permission support is available as well.

Mac File System software serving Windows

• HFSExplorer - by Erik Larsson - erik82 [at] kth (dot) se
• Mac OS X: About file system journaling - Apple Support

Linux File System software serving Windows and Apple Macintosh

• Explore2fs - Explore2fs for Windows is a WIN32 explorer for Linux ext2fs partitions. Full URL here http://www.chrysocome.net/explore2fs
• Ext2fxc - Ext2fxc for Apple Macintosh is an implementation of the Ext2 (Linux) file system for Mac OS X. Full URL here http://sourceforge.net/projects/ext2fsx/

User Space File System software

• Linux - FUSE -  http://fuse.sourceforge.net/wiki/index.php/OperatingSystems
• Mac - MacFUSE - http://code.google.com/p/macfuse/
• Windows - WinFUSE - http://www.suchwerk.net/sodcms_FUSE_for_WINDOWS.htm
• Windows - UniversalFUSE - http://www.eldos.com/cbfs/

Experiment with these File System resources in your heterogeneous environments. Please comment if you have more, better, or mo-better solutions.

Thanks.

Today I’m installing Small Business Server 2008 for a client that has a bunch of Macs.

THE PROBLEM

The Small Business Server was delivered with a “partial install” of SBS2008 already complete. The challenge right now is that I cannot use the sbsanswerfile.xml to control the FULL INTERNAL DOMAIN name. My opinion: “this is either an oversight or mistake in SBS 2008 setup design”. The oversight being that the answer file cannot be called upon when “continuing setup” if a partial install has already been completed (this is even though the internal domain name has not yet been defined by the wizard).

The wizards allow the admin to define “only the secondary level domain name” (the vanity domain) and not the top level domain.  The default top level domain in SBS, as a result of using the wizard, must then be .local . My opinion: “It would have been much better to allow the sbsanswerfile.xml to be called from the setup wizard upon continuation of an OEM based install.” This could provide more flexibility and be a 2nd option in addition to clean installs that call the sbsanswerfile.xml from the very beginning.

Anyone who does VAR based work for a living experiences these “partial complete installs” as common place when working with an SBS box from an OEM manufacturer (i.e. Dell, HP, etc…). So why kill all other possibilities on these boxes than .local for the top level of the FULL INTERNAL DOMAIN. Doing so leaves admins in the “real world” with no other option than the requirement of a complete re-install?

To review: use of the sbsanswerfile.xml is the only resource from which “the FULL INTERNAL DOMAIN (which includes the “top level domain) can be defined. The sbsanswerfile must be called from the very first stages of an SBS 2008 install or .local will be the top level domain internally.

THE CLIENT

So getting back to my client: It appears that we have no choice. A (.local) top level domain will “have to” be used for the internal domain because we’ve got an OEM partial install. Since we are installing for a client that has Macs, I would have far rather used the answer file and altered the internal domain name to companyname.pri . The reason is in relation to Rendevous (now called Bonjour) and Mac’s design that treats any request relating to a .local first level domain in the context of Rendevous (Bonjour).

Networking Windows .local and Apple Macintosh

What to do if .local has been used in Windows Network as the first level domain name of the Internal domain and you are deploying in an “Apple Mac centric” network with older Mac’s in the environment?

To help Mac DNS resolve .local Please read KB836413 - You receive an “unexpected error occurred” error message when you try to access resources on a Windows-based network from your Macintosh computer

content of KB Article

• .local Preferences adjustment: http://support.apple.com/kb/HT2385?viewlocale=en_US
• Updating Mac OSX: http://support.apple.com/kb/HT1338?viewlocale=en_US
• Apple Support: http://www.apple.com/support/

Microsoft Exchange Server is available to Client systems via a variety of methods outside of the local network.

• OWA - Outlook Web Access
• OMA - Microsoft Mobile Access
• Outlook using RPC over HTTP

These (among others) are some of the more popular ways that knowledge workers access their mail, calendars, tasks etc… from Exchange Server while outside of the office.

Outlook using RPC (remote procedure call) over HTTP is very popular for those workers who need the full Outlook experience (more than just email). Using Outlook RPC/HTTP gives the Client access to Public and Shared Company Folders in real time that would only available “Offline” as Favorites otherwise.

So what about the Mac? Can the Mac access Microsoft Exchange Server using Outlook RPC over HTTP?

If you are using Entourage (Microsoft Office 2008 for Mac), Exchange Server based email boxes, Public Folders, and more.. can still be accessed via a similar method to RPC over HTTP. Entourage makes use of WebDav (Web Distributed Authoring and Versioning) to securely access your Exchange mailbox using the Entourage for Mac.

How to do it?

First, launch your web browser and navigate the URL where Exchange can be accessed

Microsoft Exchange Server generally will have a certificate of some kind installed. This encrypts traffic (and your credentials) so they cannot be easily read. If the Certificate is not trusted by your browser and/or application, it will cause an error to be thrown.

To make things a little smoother, Trust the Certificate. View the warning window carefully. Select to “Show the Certificate”

as you view the Certificate, look for an select the Trust drop down

Select Always Trust Certificate

Enter your password.

You can then view Keychain Access to confirm that you Certificate has been trusted.

Now you should be able to view the Exchange Outlook Web Access page without difficulty or error

Now Setup your Entourage Account access to Exchange. Go to Tools | Accounts

For the Account type, select Exchange

Setup the Exchange Account manually by clicking the “Manually” button

You may now edit the individual account settings to access Exchange:

Remember as you enter data here that Entourage communicates with Microsoft Exchange differently than Outlook does on the PC. Entourage uses WebDav. Entourage also uses a slightly different set of conventions in entering credentials.

• Account name:
• Personal Information
  • Name: your Full Name
  • E-mail address: your Email Address
• Authentication
  • Account ID: your Windows username for the Domain your Exchange Server is a member of
  • Domain: the name of the Domain
  • Password: your password
• Server information
  • Exchange server: enter the URL used to access your Exchange Server online
  • [ ] DAV service: be sure to CHECK THE BOX to secure the connection over WebDav. This uses the certificate you Trusted earlier to encrypt your credentials as you logon to Exchange.

Go back to Entourage and check your mail. At this point you may begin to see some activity:

That’s it. Grab a glass of water at the cooler. Talk about some fun stuff and then… get to work.