Sharing Omnis on Windows and Macs

Workstations: Macs (OS X 10.3)
Windows 2000
Server Windows 2000 (or 2003) running Services for Macintosh

IP Ranges were thought to be the stumbling block initially.  The IP range for the workstations was 10.3.110.x, the range for the servers was 10.3.100.x.  The workstations were behind routers for each floor.

We determined that we could see the server using AFP - tested this using Terminal and doing a Telnet connection to the server (thanks to Joe Maus for that idea).  The command was telnet 548 (548 being the port over which AFP travels), and we received a successful reply.  So, we could communicate with the server, even though it was on a different IP range behind a different router.

So, in the Connect to Server window in the Finder, we did the following connection:
afp:// 548
And received a reply that the user name and/or password was incorrect. At least we were getting response.  We then tried without the 548 suffix in case it was throwing things out and got the same response. My next thought was "So, we can talk to the server, we can't authenticate..." and it was that magic thought that made me realise what the solution was.

Microsoft have a UAM (User Authentication Module) for OS 9 and OS X that enhances the authentication used by the Mac when connecting to the server. Some Windows servers are set up where they will only accept connections using "strong" authentication.  The native MacOS authentication is not that strong.

So, I then downloaded the Microsoft UAM from - specifically:

There is also one for MacOS 9 there:

Once you install that, you are then authenticating to the MS Server using MS authentication.  

We then used the connect to server command: afp:// and were able to connect straight away.

Note: That was not the end of our problems as the Windows users were then getting a padlock when trying to access the datafile when the Macs were in
it.  When the PCs were in it, the Macs would be told the datafile was not available.

This is a known problem of access privileges not being interpreted correctly between the two platforms.  The way that we have found to solve this is:

  1. Create a new folder on a MacOS X workstation.  Get info on the folder and set access privileges for the folder to be read/write for the owner, the group and everyone.
  2. Copy the datafile to this folder (still on the workstation).  Get info on the datafile and set access privileges for the datafile to be the same as the folder i.e. read/write for the owner, the group and everyone.
  3. Open your application on the MacOS X computer and connect to the datafile in this folder.  You are making sure you can get in.  If successful, quit out.
  4. Copy the whole folder back to the server (note: this folder should not be a share point on the server, this folder should reside within a share point on the server).
  5. Open your application and connect to the datafile that you have copied back to the server.  Get all other users to connect as well.  ALL should be
able to now connect.

That got us running, and the client is very happy.  So are we!!!