
Bind Windows 7 to Snow Leopard Server

I tried binding a Windows 7 (beta) to our Snow Leopard PDC/BDC domain after making two changes to the security policy that Apple suggested (http://support.apple.com/kb/HT3742) and the local policy: Network Security: Minimum session security for NTLM SSP Based (including secure RPC) Clients (and servers) to no minimum (disabled 128 bit).

Still I get no logon servers, yet XP and Vista machines (last I checked) bind just fine.

Any ideas? Any hints on the troubleshooting tools from the Windows 7 machine that might indicate the disconnect would be great.

XSERVE, Mac OS X (10.6.1), OD/SMB/Win2k/XP

Posted on Oct 16, 2009 6:30 AM

53 replies

Oct 30, 2009 7:39 PM in response to ndangelo

I've run into some of the same problems. It appears that there are a couple of registry settings that you have to add in Windows 7:

http://wiki.samba.org/index.php/Windows7

With the above tweaks, I was able to join the domain; however, when I attempt to log in I get a trust relationship failure. That doesn't appear to be too uncommon, and others have fixed it by upgrading/downgrading to Samba 3.3.4 (Linux environments).

Not sure if that's even an option in MacOS.

I'm still looking for the elusive last piece to allow authentication.

Dec 3, 2009 3:37 PM in response to herveyw

And why, exactly, are you trying to take a modern operating system made in 2009, designed to work with Active Directory, and force it to work with a directory system that's more than 20 years old and designed for Windows for Workgroups 3.11 and Windows NT 3?

If you have Windows clients and they need directory services, use AD. If you don't want to pay for AD CALs and server licenses, get rid of the Windows boxen.

I'm continually amazed that people want to use (and trust the security of) a directory service technology that was invented BEFORE DNS was a standard... that uses NetBIOS naming conventions and was fastest when run on bridged networks using NetBEUI. Shame on you all...

Dec 3, 2009 7:28 PM in response to Paramedicop

The only purpose for AD in my home was to enable SSO and roaming profiles for 6 computers and 3 users, all of whom use a Mac 95% of the time. This isn't a business scenario; I don't want to lock down the Windows clients, run Exchange, SQL Server, IIS + ASP.NET, ADFS, or any of the other Server Roles. I definitely don't want to find an add-on backup solution when Time Machine on the server will suffice. I'm also tired of running Linux on a Hyper-V VM just so I can have a simple SMTP/IMAP solution; two servers to maintain when one will do. I don't need to have an AD server hanging around sucking power while doing nothing but authenticating users. I could have bought a Home Server box from HP but it doesn't meet my needs.

SL Server on a Mac Mini fits my needs including, even especially, my tinkering. The one "issue", if you can call it that in my case, is that the rarely turned on Windows boxes that are used for a few games can't join the domain.

Your requirements are not my requirements; please troll elsewhere.

Jan 24, 2010 10:38 PM in response to Paramedicop

Why would you come here to shame someone for having a unique problem that needs a solution? There's absolutely nothing wrong with using Windows. It IS a world with quite a few Windows computers in it, is it not?

Why did you feel the need to shame someone? *** is wrong with your.... oh... I get it. User name explains it all.

Anyways I'd sure appreciate someone coming up with a solution for this.

Feb 18, 2010 11:30 PM in response to bomek

That's annoying. I was about to buy a Mac Mini Server to replace a failing Windows 2000 Server box on a network that does include some Windows 7 clients.

Guess I either need to go with another Windows Server box or possibly consider going with one of the F/OSS alternatives. Good thing I read this discussion thread before buying.

Mar 9, 2010 12:41 AM in response to ndangelo

Hi all

Same problem here. XP and Vista log on fine, 7 (after all the Registry hacking) joins the domain (with ignorable error message) but domain user can't log on, already known error:

"trust relationship between this workstation and the primary domain failed"

Apple, do us all a favor and take care of this problem. Solution, as mentioned in this and many other discussions: update the SMB server!

I'm really starting to think about writing some Mac OS X viruses... don't be evil, Steve...

Mar 15, 2010 8:49 AM in response to Michael Mussato

Apple, MS, say Win 7 client can't join OS X Server PDC Domain

Saturday, March 13, 2010

This week, Apple announced that Windows 7 clients and Windows Server 2008 R2 cannot join a directory domain mastered by a Mac OS X Server primary domain controller (PDC).

In a tech support article entitled Mac OS X Server: Cannot join Windows 7 to a Mac OS X PDC Domain, Apple says there are no workarounds to the problem. It links to a Microsoft support article that says that Windows 7 and Server 2008 R2 no longer support Windows NT 4.0 SP6A domains, which is what Mac OS X Server provides to Windows clients.

The issue is a serious one for administrators of Mac OS X Server supporting Windows clients. When Apple's server is used as an Open Directory Master, acting as a PDC creates a Windows directory domain in which the PDC server can provide Windows file and print services, authentication for Windows clients, and home folders for Windows users.

Windows 7 clients cannot log on to a Mac OS X Server master domain and take advantage of these services. If a Windows 7 client or Windows Server 2008 R2 attempts to do so, it will receive one of two error messages:

Logon failure: unknown user name or bad password.

The specified domain either does not exist or could not be contacted.

This incompatibility applies to all versions of Mac OS X Server.

If you know of a third-party product that gets around this issue please let us know.
