Macs in a Windows world

Helping your Apple users become full-time network citizens – without doing a lot of extra work


We IT professionals are seeing more and more Apple Mac computers on our comfortably Windows-based networks. In the past, it’s been easy to ignore them – after all, in many cases they belonged to just one or two users, none of whom tended to be an influential manager or executive. But today it’s just as likely to be the boss with a new Mac.

The good news is that modern Mac computers aren’t necessarily harder for us to support and maintain, and modern networks can cope with diverse systems more easily.

Talking to the network
In the distant past, Macs relied primarily on proprietary networking protocols like the notoriously chatty AppleTalk. Today, AppleTalk is disabled by default, and the Unix-based OS X uses familiar TCP/IP networking by default. The OS X Network preferences are essentially the same as Windows’ Network Control Panel. Macs use DHCP by default, typically have built-in 802.11a/b/g/n wireless, can be configured to use static IP addresses, and automatically enable IPv6 – just like Windows Vista.

What may seem to be missing are the familiar command-line network troubleshooting tools such as Nslookup, Ping, Tracert, and so forth; in fact, as it’s a Unix-based operating system they’re all present. You simply need to open the Utilities folder in Finder (OS X’s equivalent of Windows Explorer) and launch Terminal, the Mac’s command-line prompt. Some administrators prefer using the GUI-based network tools. In Finder, press Command-Shift-U to open the Utilities folder and double-click Network Utility. This provides quick access to the major troubleshooting tools for your network.

One important thing to know about OS X is that it automatically enables a networking protocol called Bonjour, which runs over TCP/IP. Similar in nature to NetBIOS and UPnP, Bonjour is a broadcast-based protocol designed to make printing, file sharing and related tasks easier on home or small networks – the Mac’s primary audience. It’s less useful on corporate networks and can be a source of unwanted broadcast traffic; to disable it you’ll need to run a command from the Mac’s Terminal window:


If you ever need to re-enable it, run:

Note that Bonjour is used for a number of the Mac’s cooler features, such as remote speaker sharing in iTunes; disabling it will of course disable these features. On a Mac notebook that’s used in the office and in the user’s home, that might be a problem, so be sure and discuss it with your users before disabling Bonjour.

Authenticating to Active Directory
These days, every Mac includes built-in support for Active Directory authentication. Macs can mount home directories based on information in AD, authenticate users and computers to AD and even discover domain controllers just like Windows does. The OS X Directory Utility doesn’t enable AD support by default, but once enabled, you simply supply the domain name and other basic information and you’re done. For more comprehensive AD support, including the ability to manage many Mac configurations settings via Group Policy, you’ll need to investigate a third-party solution such as DirectControl from Centrify (


 Support for Active Directory authentication is built in to OS X; configure it in the Directory Utility application.
-- click image to enlarge --



 The Network Utility provides a graphical user interface for the most common network troubleshooting tools.
-- click image to enlarge --

Sharing files
Macs have no problem sharing files with Windows users via Server Message Blocks (SMB). The Mac Sharing Preferences can be adjusted to enable or disable file sharing as well as other sharing services; the same Preferences pane is used to determine what folders are shared, rather than individually sharing folders via the file-browsing application, as you would do in Windows. You’ll notice that the Mac uses a simpler system of permissions than Windows – another part of the Mac’s Unix heritage. Groups can be given Read, Read and Write, or Write privileges, and that’s it; the Write-only privilege allows you to create a “drop box” where other network users can leave files for the Mac’s user, but not modify anything once it has been copied over to the Mac.

Accessing Windows-based shared folders is even easier: In Finder, press Command-K (I use the mnemonic “Konnect” to remember it; you could also select Connect to Server from the Go menu). In the dialog box that appears, type




using the appropriate server and shared folder names. The Mac will ‘mount’ the shared folder as a volume, making it appear much like a mapped drive does in Windows.


Show other articles by this author

Share |
Write comment
security image
smaller | bigger



Subscribe and get the magazine in the post before it's online

Subscribe and get access to all of the back issues

To read a sample eMagazine - March 2010



leave When you add a new user and their email address doesn't show up in the Global Address List, work through the tips and suggestions in the ever-useful Exchangepedia Blog:
Bulk-add new users with the script here ( or give existing users mail access ( - this also has details for adding multiple meeting rooms as resources). And when an employee gets replaced, the steps at make it easy to connect the previous user's mailbox to the new user account so that mail for that job role keeps going to the right place. Reject spam with a custom message Just in case the message you're rejecting comes from a real person, you can have Exchange send a less cryptic message that the default error; it will make your customers look more professional. This blog post
explains how - but make sure to keep the 550 error code at the beginning.
read more


Unified communications


The #1 Bestseller for Only 77p

Key resources

Login to view Key Resources