Link to home
Get AccessLog in
Avatar of NAPlummer

asked on

Unable to communicate from a Macintosh to a specific Windows Server 2008 computer

Our network has two DCs with Windows Server 2008 R2. Along with other roles, one of the DCs (I'll refer to this DC as "DC1") is designated as the DHCP and File/Printer Server. Our network is primarily Win8 desktops with two Macintosh computers. We have one Macintosh computer (running OS 10.7.5) on our network that is unable to connect to DC1 in any fashion. This Macintosh is unable to get a DHCP IP address from it, unable to  connect to it via SMB, and it is also unable to ping DC1.

This Macintosh was working fine just last week. Nothing that I am aware of was done to it (e.g., software install, etc).

When we assign a static IP address to this Macintosh, it is able to access other devices on the network normally. However, it is still unable to connect to DC1 (which is where are the file sharing takes place). When we ping DC1 from this Macintosh, we get a "permission denied" message. However, when we ping other devices on the network from this  Macintosh, we do get normal ping replies back.

On DC1, we also tried doing a DHCP reservation for this specific Macintosh. However, the Macintosh simply ends up with an APIPA address. Also, on the DHCP server, there are no "deny" filter that would block this Macintosh.

The firewall is turned off on the Macintosh. And the settings to the "Virus Barrier" anti-virus software has been "relaxed." Still, this Macintosh can't get a DHCP address from DC1.

When we unplug this Macintosh from the network and plug it into a standalone Linksys router with DHCP turned on, this Macintosh does get a DHCP IP address from it.

The one other Macintosh we have a our network has no problems connecting to DC1. It's able to get a DHCP address, connect via SMB for file sharing, and ping DC1 successfully.

I am uncertain as to well the root of the problem is. Is it the Macintosh or on our domain controller?

If someone can provide me with some guidance, some action items, or share related experiences that may help us try to resolve this, that would be much appreciated.
Avatar of Michael Machie
Michael Machie
Flag of United States of America image

The issue would most likely be this MAC itself since the other connects normally. If it were the Server you would have other machines exhibiting the same behavior. You have provided a lot of good info and my suggestions below may or may not be valid options, but I ask that you give them a try anyway.

Can you ping DC2 from this MAC?

Have you tried connecting the working MAC to that drop, flushing the IP settings, and renewing the DHCP IP?

Off the wall question/thought here:
I wonder if your DNS settings are static at If they are static, yet the ip, subnet and gateway are set to DHCP, the MAC would not reach the DNS Server (DC1) to allow DHCP to work normally. However, if set to, I am thinking that coincidentally the linksys router has an IP of, allowing connection to that device to supply IPs via DHCP, since the router at would be the DNS server.
Avatar of NAPlummer



Thanks for input.

When we assign a static IP to our Macintosh, it is able to ping DC2 and all other network devices with the exception of DC1.

I didn't mention this on my original post, but we also did plug this Macintosh into another network drop, but the problem remain.

As for the DNS, all clients get their DNS IPs from DHCP. Thus, they are no statically defined DNS addresses on this Macintosh. As far as networking configuration goes, this Macintosh is configured the same way as the one other Macintosh that is working.

Good ideas Machienet, much appreciated.

I'm not an expert in Macintosh OS. Does anyone know if there is an "IP Blacklist" on the Macintosh that would prevent it from communicating with another network device?

Avatar of alicain

Link to home
This content is only available to members.
To access this content, you must be a member of Experts Exchange.
Get Access

You lead me right to where the root of the problem was. I looked at the OS firewall. What I didn't realize was the VirusBarrier software was more than just an anti-virus software. It does have an "IP blacklist" feature. Looking at this list, sure enough the IP address for our DC1 server is on it. I've removed that IP from the "deny" and entered it into the "trusted" list.

My problem is solved. Thanks to all the provided their input.