Homegroup

Talk about setting up your home network.
barnabas1969

Posts: 5738
Joined: Tue Jun 21, 2011 7:23 pm
Location: Titusville, Florida, USA

HTPC Specs: Show details

#21

Post by barnabas1969 » Sun Mar 30, 2014 3:31 am

Interesting info. Honestly, the last time I really looked at a Mac (other than looking at the outrageous prices of them recently) was back in 1986. Please tell me... How can you "add the Mac to the domain" without the Mac "really [having] a sense of being part of the domain" ???

The whole purpose of a PC belonging to a Windows domain is so that security is controlled by the domain (and the domain administrator). If the computer doesn't have a "sense of being part of the domain", then how can the domain control the security?

A Windows PC can also remember the credentials of each PC to which it connects... based on certificates. The domain administrator can restrict this ability (domain policy), and it is entirely possible that your wife's work PC can't "remember" how to connect to your local network shares due to the domain policy.

Homegroup works fine... for any PC that is not a member of a domain. If the client PC is a member of a domain (like your wife's laptop), then it must connect old-style... like Windows XP. Pretty simple stuff... well... except for that pesky domain policy stuff... but that's controlled by your wife's employer... as it should be.

barnabas1969

Posts: 5738
Joined: Tue Jun 21, 2011 7:23 pm
Location: Titusville, Florida, USA

HTPC Specs: Show details

#22

Post by barnabas1969 » Sun Mar 30, 2014 3:42 am

Hmmm... here's a clue. In your first post, you mention that it worked fine in Win 3.11 and Win 95... but it stopped working in Win Vista. I suppose you must have skipped XP, and gone straight from 95/98/ME to Vista? Well... that would explain a lot. There was a huge difference in architecture between 3.1/3.11/95/98/ME and NT/XP/Vista/7/8. The latter are all based on NT architecture... and aren't quite as "home user friendly" as 3.11, 95, 98, and ME. There is a big difference between the "security" in Windows 95, and the security in Windows Vista/7 (and all other NT-based versions of Windows). Don't expect Windows Vista/7/8 to work like 95/98/ME.

And... back in the days of Windows for Workgroups (3.11)... security was an afterthought. Prior to 3.11, networking was an afterthought (you had to provide your own network stack in Windows 3.1 and earlier).

RyC

Posts: 724
Joined: Tue Aug 21, 2012 10:21 pm
Location:

HTPC Specs: Show details

#23

Post by RyC » Sun Mar 30, 2014 4:08 am

Joining a Mac to a domain is pretty much exclusively for AD authentication. For security and stuff, you need to go through Mac OS X Server. The term is "golden triangle" where AD handles authentication and Mac OS X Server handles security profiles, user directories, etc.

Sorry I don't have much to add for your issue...one of my PCs is joined to a domain and the others aren't, but I can access any PC though \\[computer name]

kingwr

Posts: 417
Joined: Mon Jun 13, 2011 1:48 am
Location:

HTPC Specs: Show details

#24

Post by kingwr » Sun Mar 30, 2014 1:54 pm

barnabas1969 wrote:How can you "add the Mac to the domain" without the Mac "really [having] a sense of being part of the domain" ???
Well, to be honest, my Mac was added to my domain at work by the network administrator. There are specific settings in regard to the Mac's Active Directory service, but we do not have an OS X server. But while the Mac can operate in the domain, it does not appear to be bound by the domain like the Windows laptop. In other words, the Mac appears to operate the same way in other networks regardless of whether it is setup in my work domain or not. The work domain is just another network to which it can connect and utilize resources. But I think your anti-apple bias is making you miss the point of the original post.
barnabas1969 wrote:I suppose you must have skipped XP, and gone straight from 95/98/ME to Vista?
Nope. Like everybody else, we were probably on XP for the longest time in that period. I beta tested Vista but went back to XP after the beta until the beta test of Windows 7. Again, it is hard for me to understand how Homegroups and libraries are being defended by technical savvy folks. These things have been horribly implemented, IMO, and are inconsistently utilized by even Microsoft's own applications, including Media Center. I can understand how someone without any tech knowledge may appreciate the way the settings are worded and the way this operates, but for anyone coming from networking experience would just find it inflexible and unwieldy.

In the end I just removed the Homegroup and went back to creating accounts for all family members on all computers. I just share what I want to share (without regard to libraries) and it is much easier to manage (for me). I also turned off media streaming in favor of iTunes streaming, which works better with my mobile devices and AppleTV than Windows media streaming ever did with Roku/DirecTV/Pioneer receiver/Samsung TV, etc. Now if I just can figure out how to get my wife's laptop to reconnect to the HP LaserJet printer when she comes back into the house, we would have happiness once again.

barnabas1969

Posts: 5738
Joined: Tue Jun 21, 2011 7:23 pm
Location: Titusville, Florida, USA

HTPC Specs: Show details

#25

Post by barnabas1969 » Mon Mar 31, 2014 3:45 am

Well, I don't have any experience with Apple beyond my experience in high school in the 80's. But, based on previous posts here in this thread which refer to a Mac being able to use "AD" resources (Active Directory), I would guess that the Mac simply uses LDAP to check things like user passwords and such. If that's correct, then that would explain why the Mac doesn't become a trusted member of the domain, and why it would behave differently than a domain member.

When a Windows PC becomes a member of a domain, it only trusts other members of the same domain... or members of trusted domains. It's for security, and that's why your wife's laptop doesn't fully trust the other PC's on your LAN, which are not members of a trusted domain.

kingwr

Posts: 417
Joined: Mon Jun 13, 2011 1:48 am
Location:

HTPC Specs: Show details

#26

Post by kingwr » Tue Apr 01, 2014 3:43 am

barnabas1969 wrote:Well, I don't have any experience with Apple beyond my experience in high school in the 80's. But, based on previous posts here in this thread which refer to a Mac being able to use "AD" resources (Active Directory), I would guess that the Mac simply uses LDAP to check things like user passwords and such. If that's correct, then that would explain why the Mac doesn't become a trusted member of the domain, and why it would behave differently than a domain member.

When a Windows PC becomes a member of a domain, it only trusts other members of the same domain... or members of trusted domains. It's for security, and that's why your wife's laptop doesn't fully trust the other PC's on your LAN, which are not members of a trusted domain.
Precisely -- The Mac operates fine in the domain but is not bound by it. That's what I said.

Post Reply