Apple File  Sharing Permissions

Similar Messages

• Problem with File Sharing-Permissions throughout Folders

  I'm having an odd problem when setting up a Mac Pro with File Sharing. I have a second Hard Drive in it which is a Server Drive to be shared as a networked Hard Drive for both my MBP and my Fiancee's MBP. Here is the problem I have.
  I set up File Sharing and set up both her ID and my ID. Since this is done she is able to get to drive from my MBP and she is able to get to the drive from her MBP. I am able to read or write to those folders. She is able to view them but is unable to write to them.
  I went to the Server Drive icon on the Mac Pro's Desktop. When I right click and do "Get Info" and select Sharing I can tell her ID is not listed on any of the Folders. She is listed as Read and Write for the entire Hard Drive (which is an internal drive). I am also listed as Read and WRite and then it lists Everyone and says No Access. The same is listed in System Preferences in File Sharing. I have heard this Everyone 'No Access' can cause problems but I prefer not to give access to everyone. The only other option is Read Only and Read and Write. Also, when I have Everyone selected the - sign is greyed out so I'm unable to remove Everyone.
  To continue, what is strange is I thought with it saying on the Server Drive itself for my Fiancee, read & write, that it would say this on every Folder inside. Yet when I select any Folder inside on the Server Drive and select Get Info it says for me "Read & Write" and for Staff "Read Only" and for Everyone "Read only" I'm not even sure where Staff comes fro and of course Everyone is Read Only and my Fiancee not even listed. It just seems that these file sharing permissions are not replicated througout all the Folders when I select it for the Hard Drive itself. What could be causing this and how can I get the same to go throughout the Folders? I know manually I could change them all but this would take a long time and likely still be a problem when any additional Folders are added.

  1. I have turned logged into it from my MBP while at Home and if I'm logged in as Guest I only see the Server Drive which is good. My concern is that if I log in with my login I then sell all Folders including the Main 'Macintosh HD' At least as a guest I can only see the Server Drive but is it any way I can stop it from showing all the other folders on the computer since I have no reason to do that?
  When you login to a mac as an administrator it is normal to see all the contents of the volumes connected to that mac.
  2. Also, I would like to disable all access for Guest. Yet I have it list Everyone or Guest in the file sharing and I have no way of deleting this. I don't want a Guest to be able to connect to this computer or share any files at all on it. Is there any way to disable this?
  Goto system preferernces-->accounts
  click on the lock to and enter your password to unlock the preference pane.
  Then select the guest account. Then uncheck the 2 check boxes. The account should now have 'disabled' underneath it.
  3. Security: How secure is this? I am using it on a Home Wi-Fi network with an Airport Base Station 1GB. I have the Leopard filewall set to "Set Access for Specific Services" since it won't work with "Allow only essential services" I hope my home network is more security but with Back to my Mac how hard would it be for someone to be able to find this computer on the network? I don't do any filesharing on my MBP but do have it set up for File Sharing but only with my login ID.
  If you have your base station set to distribute ip addresses then it is acting as a NAT router and will firewall you.
  I have not setup back to my mac yet so can't comment on its security. Although I would suggest a strong password.
  have a read of Mac OS X 10.5: About Back to My Mac security
  My method of remote access is to use SSH and run screen sharing over an SSH tunnel.

• OS X File Sharing permissions

  I have set up a small office network over a WLAN, in which I have computers H2 & H3, which are Mac Minis (late 2012, i5 dual core, 4GB RAM), and two MacBook Pros (late 2008 and late 2010). I am using H3 to store the project folders and have given permissions to various sharing-only users  (A, B, C) I created on H3 System Preferences as read only or read and write according to the projects they are working on. This all seemed to work ok, but strange things started to happen:
  1.  If A is using H2 (or a MBP) and logs in to a project folder on H3 to which he has read and write permissions, and creates a new sub-folder within this, often (but not always) the owner of the folder sitting at H3 cannot see the contents of the new sub-folder. The folder icon shows up with a small red circle with a white dash through it, and says that I do not have permissions to view that sub-folder.
  2. For a user at H3 to delete the folder created remotely by A (either from H2 or one of the MacBook Pros) an admin password is required. Why should this happen? H3 is the owner of the folder, and as it lives locally on his drive surely he should be able to do this? It seems to require going into System Preferences>File Sharing, right clicking the folder in questions, and selecting "Apply Permission to Enclosed Items" after which it's possible to delete the folder. However this is a pain to keep doing every time one wants to delete a folder.
  3. Once a user is logged in sometimes it is not possible for him to disconnect
  Please advise as I am trying to work in an organised way using File Sharing but keep getting stumped.
  Spent nearly 2 hours on phone with Apple Support, who first advised software update to 10.9.5, and when this still didn't resolve the issue they seem to be stumped too!

  By default, Mac uses POSIX permissions which do not inherit to the sub folders and you are forced to do the apply permissions to apply the permissions on the top level folders to the items created below.  You need to set ACL permissions on the folder for the files to pull the inherited permissions.  This is easily done with Mac Server, however it sounds like you are not using the server app so you will need to use the chmod commands in terminal in order to set the ACL permissions.  If you Google something like "set acl permissions mac os 10.9," there are a number of articles with different ways you can set them and get them working the way you are looking for.

• File Sharing permissions not saving on second drive

  Hello,
  in my Mac Pro running 10.5.6 I have a second drive that I recently installed, This drive has two folders in it that i wish to share. So I did the following steps:
  System Preferences > Sharing > File Sharing (SMB Sharing is being used as well as AFP)
  I then clicked the Shared Folders + and added folder1
  The following users were automatically added
  MyAccount Read and Write
  MyAccount Read and Write
  Everyone Read and Write
  Whenever i edit these permissions or attempt to add another user everything seems to of gone fine, but when i close System Preferences and reload it i get the following
  folder1 is still shared
  and the permissions are still the same as above.
  I've looked at editting the smb.conf file in /etc/smb.conf but i don't want to do that unless necessary. Also it doesn't appear that any of the other settings are saved here any information would be appreciated.
  Thanks

  This was due to the disk being a DOS-format

• File Sharing permissions

  I have 2 iBooks in the same office. They are set for file sharing. I have trouble moving files from one computer to the other. Always get the message that I don't have the proper permissions. How does one resolve this problem - so that all files can be easily moved from one computer to the other?
  Thanks
  Charles

  Not sure what folders you['re trying to copy/move from/to.
  Go get SharePoints from , http://www.hornware.com
  Install on both macs.
  Configure shared folders & permissions using this fine utility.
  (sharepoints app manages the samba server files that regulate sharing permissions. It's a GUI view into the smb.conf setup)

• File Sharing Permissions Issue

  We are using file sharing between macs in an art department, where we are sharing out one folder that contains many sub folders that contain art divided by customer name and job/art numbers. Whenever an artist makes a new folder (or copies a "Template" folder) into the shared working folder I have to then go to that artists machine and tell the Mac to copy permissions to all enclosed folders in order for another user to access the files contained within the new folders.
  Is there a way to make all enclosed folders in the shared folder inherit permissions? We have 15 artists sharing files, so fixing sharing permissions several times a day is getting old.

  you can put a name of a group instead of a specific user name in the command. for example you can put "staff" in there which is a group that contains all users with accounts on the machine. or you can just put "everyone" instead of "username" and that will work for all users including guest users. you can also make a group in system preferences->accounts, add the users you want to that group and use the name of that group in the command.

• File sharing permissions for AD Domain Admins?

  I've binded Mavericks to a Windows network with Active Directory, turned on File Sharing under System Preferences > Sharing, and added the Domain Admins group; how can I configure permissions so that the Domain Admins can read and write to and from all files and folders on the MAC HD without affecting other user's permissions?
  If I "apply to enclosed items..." the Domain Admins' Read & Write permissions from the root volume then Everyone (gets unintentionally propagated) can access all files!
  Ideally, the Domain Admins need the same permissions as the root administrator even after a new user has logged onto the MAC and had their Home Folders created in the future; In other words I need them to be able to access files and folders for all accounts past, present and future, but all other user's access must stay the same. Does that make sense?
  Is this even possible with AD binding? Would having a MAC OSX Server/Open Directory facilitate this better?
  Any help would be much appreciated!

  I tried adding the Domain Admins to the wheel group, but that never helped either. Also the "apply to enclose items" only seems to work for the entire share (left side)--not individual users or groups (right sde).

• File Sharing Permissions Problem When NEW Files Created

  My wife & I have a home office network setup for our business, and are having trouble with shared files over the network. We're both on Macs, and all of our client files reside on an internal hard drive in my Mac Pro. I've set her up as a "Sharing Only" user on my computer (which matches the username & password of her account on her iMac), and have properly setup file sharing in both the System Preferences, and in the directory itself that we want shared. I've also applied the permissions to all files & folders below the main folder, and she can view, open and save whatever she needs and it works great.
  *Here's where the problem comes in...* If either of us create a NEW file or folder, the other person doesn't have WRITE access to it (we can browse and open it fine). The second I go to update a file she created, it won't let me over-write it, and I have to go into the permissions for that specific file and give myself Read/Write access. I've experimented with "Groups", and assigned both of us a special group, and applied that group access to that directory, but it doesn't make any difference when a NEW file or folder is created - it doesn't copy the parent directory permissions to itself, it makes one of us the owner, and nobody else has access.
  Is there any way around this? We're both constantly creating new files, and it really hampers our workflow to have to keep re-applying file permissions every time one of us creates something new. Ideally, any new files created within that main client folder would automatically have the same permissions as the parent directory. Any help would be greatly appreciated! Thanks!!

  Here's how to do this with Access Control Lists.
  1) Go to System Preferences -> Accounts. Unlock the padlock. Click the + button. Make a new group. Call this group "sharing" for the purposes of this exercise. Add the users you want to the group.
  2) Make a new empty folder in /Users/Shared. Call it "sharefolder".
  3) Log in to an admin account and paste all three of these lines at once into Terminal:
  sudo chmod +a "sharing allow delete,chown,list,search,add_file,\
  addsubdirectory,delete_child,file_inherit,directoryinherit" \
  /Users/Shared/sharefolder
  4) From now on, any files you create or copy to the sharefolder or to any of its subfolders will inherit read+write permission for all users in the group. If you have any existing files that you want to move into the sharefolder, a simple move by drag & drop won't cause the permissions to propagate. you need to hold down the option key while dragging them in. This will copy them over, ensuring that the ACL permission is properly inherited.
  One other caveat: Files created by a small number of OS X apps won't inherit the permissions properly if saved directly into the ACL folder hierarchy. TextEdit is one such app. Save TextEdit files in a temporary location first, and then copy them in. Then they will have the correct permissions.

• Apple File Sharing very slow with Mountain Lion

  I've noticed since upgrading to 10.8 the transfer speeds over a LAN via AFP (File Sharing) are VERY slow.. in some instances.  Based on the behaviour i'm guessing it has something to do with the amount of items.
  for instance:
  A folder that contains approx 122mb worth of 1500 small files takes me about 50 seconds to transfer while a long audio recording with a greater filesize of 125mb takes only 11 seconds.
  using SCP from the command line the same 122mb folder took only 19 seconds while the audio took 10 seconds.
  after performing the same operations on a computer running 10.6 I can deduce that the problem is on the receiving end.  Audio file transfer times were the same, however the same folder of items took only 27 seconds when it was transferred to a computer running 10.6 regardless of which OS the computer sending the file was running.
  apparently handling a greater number of files increases transfer time for both methods but AFP is painfully slow with 10.8 on the receiving end.
  any thoughts or suggestions?
  I've read a couple threads about people having trouble with Time Machine running slowly.. i wonder if this is related.

  Same problem here. I just upgraded from Lion to Mountain Lion. I only got 19 GB of space, but Time Machine wants 10 hours, whereas in OSX Lion a full backup would take just under an hour, and incremental updates were lightning fast.
  I even sat it up to do it overnight, but on 8 hours it was only half way through only 10 GB. I can't live with that in the future.
  Im trying to backup on a SD card which seems to work very good in Lion. Im on a 2012 Macbook Air using a SSD.
  My bite of the apple has been somewhat sour. I tried reformatting the SD card, well knowing that I would lose old backups. But still the backup is extremely slow. Now I can't install Lion or Mountain Lion from scratch without having to wait 10 hours for TM backup or installing tons of applications and settings again. Bummer. I'm never going to early adobt a OSX upgrade again.

• File sharing permissions issue between Macbook Pro and iMac

  Hi,
  I'm having trouble sharing files to and from a Macbook Pro and iMac. Both are brand new, and connected via a firewire cable (Due to large file sizes)
  I can share files between both computers no problem, but the files are set to 'Read only' by default once moved to the over device and can't be moved or renamed without requiring a password every single time.
  Is there a way to totally share files without having to enter a password every time I want to move or rename it?
  > File sharing is turned ON on both computers.
  > Share files and folders using AFP is ticked
  > Share files and folders using SMB is ticked also.
  Thanks

  Try disabling SMB File Sharing, & in the Sharing Pref Panes>Sharing>Options, see what users are listed.
  Also, try logging into the other Mac with the Other Mac's username & PW, not using the name & PW of the one you're on.

• File Sharing Permissions to Documents Without Having to Assign Each?

  Not sure where else to ask this.
  Background - work environment. Small 3 person office. Airport network. All computers Duo2Core with 10.5.1.
  On my iMac - I have this configuration: Home>Public>Shared>Clients> Abel thru Zulu - (separate folders for each client), and inside each client folder, subfolders such as "Correspondence", "Documents", "Research" and so forth.
  When I create a new document, for example - Clients>Charlie>Documents: "Work Paper", and I want my staff to have read/write access in order to revise or supplement "Work Paper", I have to manually Get Info for the documet, type in my password, unlock the little lock, and assign Read/Write.
  I understand the security aspect, but for the Clients folder ONLY, I'd like any new document I create and place in there to automatically have Read/Write permissions for my staff.
  Know little to nothing about Apple Script, but that's probably the only way to work around the routine of manually going to "Get Info" six dozen or more times a day.
  So - anybody got a script that will do the trick? If so, a little instruction on setting it up would also be most appreciated.

  I've been fiddling with sharing things between my two admin users on my computer, so that both have read and write permissions to files. I seem to have gotten it right, anyway, I just added a couple of jpegs to the folder from my primary account, logged into the other admin account, opened a jpeg, edited it and saved it with no problem, and did the same with my test account. Perhaps this will help you.
  1. The users have to be members of the same group, in my case I picked the group "staff" since both admin users are members of that group, as well as the test account
  2. I created a folder in the Sharing folder, called it "readwrite"
  3. I then launched Terminal and entered this command:
  NoobiX:~ francine$ chmod +a "staff allow write,append,writeattr,writeextattr,fileinherit,directoryinherit" /Users/Shared/readwrite
  hit Return. Then did this command:
  NoobiX:~ francine$ chmod +a "staff allow addfile,add_subdirectory,delete_child,writeattr,writeextattr,directoryinherit" /Users/Shared/readwrite
  hit Return again. Note there are spaces between chmod, +a, the permissions list, and the path.
  I then added the files to the readwrite folder, logged in to the other staff accounts, and successfully edited the added files. I then returned to my account, opened one of the edited files and made another change and saved it. Looks like it is working as intended.
  Francine
  Francine
  Schwieder

• Lion Server 10.7.3 file sharing permissions

  I'm having really strange issues with Lion Server. Since upgrading to 10.7.3 I no longer have permissions to modify files on Share Points that I was once able to in 10.7.2. When I go to modify certain files or folders I get "The operation can’t be completed because you don’t have permission to modify some items."

  Background
  Access Control Lists (ACLs) are  applied to folders and files to define user (and group) access privileges.
  I have setup two Mac mini Servers at our company – one in our Melbourne office and one in our Sydney office. Each file server is made up of the following hardware:
  1x Mac mini Server (with Lion Server).
  2x Promise Pegasus 12TB (6x2TB) R6 RAID System (thunderbolt) in RAID5 configuration. The two Pegasus unit are mirrored (RAID1) using SoftRAID.
  Users and Groups are replicated between the two servers via Open Directory.
  The PeachPit book "OS X Lion Server Essentials" is the best book I've found that explains OS X Server services and configuration. It has a  good explanation of POSIX and ACLs.
  The Problem
  It seems there is a bug in Lion Server that causes ACLs be ignored. A couple of times I've managed to fix the problem using these steps:
     1. Remove the share-point.
     2. Setup up the share-point. /Volumes/promiseraid/work
     3. Apply an ACL to a folder.
     5. Propagate the ACL to sub-folders.
  When ACLs are not applied to a folder the older POSIX permission define access privileges. With POSIX mechanism the user, group and other access privileges applied to new files and folders is defined in the 'unmask' value. The default 'unmask' value sets file/folder group to read-only access. The upshot is when POSIX mechanism is used and a member of staff creates a file or folder it is read-only to colleagues. System Administrators shouldn't need to change the 'unmask' value – too technical. Apple documentation encourages System Administrators to use ACLs to define access privileges – use ACLs to overcome the limitations of POSIX.
  The workarounds I've been considering
  Stick with Lion Server, apply POSIX read&write (group and others) permissions to all folders at regular intervals (daily) and wait for Mac Apple to fix the problem.
  Abandon Lion Server (10.7) and revert to Snow Leopard Server (10.6).
  Abandon Lion Server (10.7) and setup a Microsoft Windows Server solution.
  A solution?
  Scanning the several threads here I think I discovered a "fix". Mac OS Lion doesn't seem to honour ACLs if
  it is a volume is being shared (AFP and/or SMB), or
  it a folder at the root level of the volume is being shared (AFP and/or SMB).
  However, if the folder being shared is at least one folder deep ACLs seem to be honoured!
      !!! This did not work – ACLs are not honoured !!!!!
      /Volumes/promiseraid
      /Volumes/promiseraid
      /Volumes/promiseraid
      !!! This did not work – ACLs are not honoured !!!!!
      /Volumes/promiseraid/share1
      /Volumes/promiseraid/share2
      /Volumes/promiseraid/share3
      !!! This works – ACLs are honoured !!!!!
      /Volumes/promiseraid/shareditems/share1
      /Volumes/promiseraid/shareditems/share2
      /Volumes/promiseraid/shareditems/share3
  Acknowledgement
  I should acknowledge gmbion for his time troubleshooting this and reporting his findings to this thread.
  A response from Apple
  It would be good if Apple could address this limitation with either:
  A note from Apple acknowledging this limitation ("undocumented feature") witch advice to not share a volume or a folder at the root level of a volulme. Instead, share a folder at least one level deep; or
  Fix Lion Server so that any volume or folder can be shared and ACLs will be honoured.

• Permissions for file sharing to Windows users

  Greetings, I would be very pleased if someone could help me with file sharing permissions for Windows users of a Mac mini file server running Snow Leopard 10.6.1 (not server).
  I have a folder in my root directory, lets call it Project, that holds a series of 10 sub folders, say 1 through 10. Some of my users I wish to have read/write access to the whole Project directory, and, having enabled file sharing in System Preferences (and SMB for Windows), I did cmd to get info on the Project folder, ticked sharing, added the users (whose user accounts I had replicated on the Mac from their Windows machines), gave them read/write access, and then was able to map a drive to Project in their machines. All good so far, notwithstanding an hour tussle with a Vista laptop . The other user 'groups' were set the following permissions: me - read/write; Admin - read/write; Everyone - no access; which seemed sensible.
  Then, when I wanted to only share say sub folders 4, 5 and 6 with other users, who will not have access to the whole Project directory, things were not as straight forward. I followed the same procedure as above, but for the particular sub folders. However, I think they are only able to see them if I provide read or read/write access for Everyone to the parent Project directory. This of course then lets them at least see all the other folders I do not want to share with them. I don't seem to be able to remove the Everyone group from the Project directory, which occurred to me might resolve this.
  Any thoughts? Thanks.

  "On the way down, it seems to me that you still can prevent that user from using folders that he or she is not supposed to use by setting appropriate permissions."
  I don't think this is the case. If I allow someone read & write access to a folder because they need to have read & write access to two of three subfolders, I cannot deny them (at least) read access to the third folder.
  In respect of a particular folder:
  1. You can only assign read; read & write; or write (drop box) to an individual user; and
  2. You can only assign No Access to everyone.
  Do I need to use Snow Leopard Server to be able to assign No Access to a particular folder for an individual user?

• Personal File Sharing

  I have a small office network setup with 8 macs. I'm currently using personal file sharing within the network. Sometimes I can not tell who is connected to which machine at any given time.
  When I go to shut my machine down, I'll get the message "There are X users connected using apple file sharing. Are you sure you want to shut down?"
  #1 How can I tell who is connected?
  #2 Is there a way that I can force them to disconnect from my machine?
  Thanks

  No need to "install" Sharepoints, you just run it once to set the type of logging you want in it's AFS Properties, then you use AFS Monitor to easily check the Logs to see who is or has been doing what.
  No need to change Sharing with Sharepoints unless you want to finely tune your sharing.

• Personal File Sharing - Who is Connected to Me?

  Getting a message now when I shut down my computer at work that says a user is connected to me through apple file sharing. Is there a way for me to figure out which user on our network that is?

  Open Terminal, then type...
  w
  or type...
  who
  Enter after either.