To close this, I had two issues causing these symptoms. Primarily for the Mac's, on the server NetBIOS over TCP/IP was set to disabled. I have no freaking idea how that got that way. Once this was enabled, the Mac's could browse shares again. I un-joined one Mac from the domain early on and couldn't rejoin it. This was due to several SRV records for the domain name deleted in DNS. The MS support person who helped me through this recreated the records manually and mentioned they should have been created automatically when DNS was installed. I reinstalled DNS a couple months ago due to a large amount of related event log errors that I couldn't seem to solve. Reinstalled DNS, then recreating the reverse lookup zone solved that, but some of the SRV records were not created that were critical in joining a Mac to the domain whereas a Windows client still would.
As a side note, Vista using DHCP will not create PTR records on the server if you use a non-Microsoft DHCP server. You must check off "Use this connection's DNS suffix in DNS registration" in the advanced TCP/IP properties under the DNS tab. This also caused Vista to report and "unauthenticated" connection which check box fixed. XP doesn't suffer from this. -- Mike Gill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
