Blocking access to file sharing (AFP/SMB) from outside of network

Similar Messages

• The Windows SMB feature has file locking if multiple users are accessing the same file.  Does Snow Leopard Server File Sharing (AFP) provide similar features?

  The Windows SMB feature has file locking if multiple users are accessing the same file.  Does File Sharing (AFP) on Snow Leopard Server provide similar services?

  Were you ever able to solve this problem. I'm having similar issues since upgrading to snow leopard. Four macs connect to a Windows Server 2003 for shared files. Each user has full permissions & when we "get info" it shows read & write permissions. Two of the computers were running 10.4, two were running 10.5. Everything worked properly until upgrading to snow leopard. Some files let me copy, move, delete. Others either just hang up or we get a "no permission" error. Also getting a "pdf is in use" error, even when the file/folder doesn't contain a pdf. We had our IT rep check the server who said everything is in working order. They don't represent macs any longer but feel that it's a mac problem. I would have to agree since this problem only started after the upgrade, and the one machine that was not upgraded (still running 10.5.8) is not dealing with these problems.
  Lastly, I would install 10.5 back on all of the computers if I could, but the leopard disk that came with one of the computers wouldn't work with the 2 machines running 10.4 and I didn't see it available at the apple store. I'll buy it if it's still available, but why wouldn't the disks that I have work?
  Thanks for any help

• File sharing afp:// address not computer name

  Just setting up my new iMac and the file sharing afp:// address does not match the computer's name (Brute Squad), it's pulled in my old PowerBook's name (Alumen). I'm assuming it came from my Apple/iCloud account since that was the only computer I had registered when I set the iMac up. Restarting didn't help. Any ideas?

  You can change the computer name in the System Preferences > Sharing pane, change the name at the top.
  Best of luck.

• App that can access windows file sharing

  Hello... I've got my Nokia 500 today, but i'm looking for an app that can access windows file sharing via wifi. I want to transfer my picture from cellphone to my computer via wifi..
  Nokia 500 -> Wifi -> Computer (Windows File Sharing)...
  Anyone please create an app for me

  Telexy SymSMB used to be such an app, but was taken off the market (Nokia demanded it, because apparently some Nokia employees were involved in developing the app). Don't know if anything similar has come out since then.

• How to access a file in Unix server from windows using java

  I want to access a file in unix server from windows using java program.
  I have the following code. I am able to open the url in a web browser.
  String urlStr="ftp:user:passwd@unix-server:ftp-port//javatest/test.csv;type=i";
  URL url = new URL(urlStr);
  BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream)));
  String inputLine;
  while((inputLine=in.readLine()))!=null){
  System.out.println(inputLine);
  in.close();
  I get the following error
  java.io.FileNotFoundException: /javatest/test.csv
  at sun.net.www.protocol.ftp.FtpURLConnection.getInputStream(FtpURLConnection.java:333)
  at java.net.URL.openStream(URL.java:960)
  at com.test.samples.Test.main(Test.java:45)

  urlStr="ftp:user:passwd@unix-server:ftp-port//javatest/test.csv;type=i";
  I have given the format of the urlStr that I am using in the code. The actiual values are used in my code. I have tried pasting this url in the browser and it opens the file.

• File Sharing on a mixed Tiger-Leopard network

  I have a LAN with two machines, a PPC with 10.4.11 and a new Laptop with 10.5.1. If I turn on file sharing on the Tiger machine, I can see and access it from Leopard. But if I turn on file sharing on the Laptop, I can find the laptop as a server when I browse from the Tiger machine, but cannot connect to it. So essentially I have one way file sharing.
  The network is a new Apple Airport Extreme and the problem exists whether I have the laptop connected wirelessly or through a hard ethernet port, so I don't think it is the LAN.
  A tech support call to Apple resulted in a transfer from the first technician to a product support unit ("... this may be an emerging Leopard issue") and a 2 hour hold before the call was dropped. Worst customer support I have had from Apple-- and I have been a customer since a Mac Plus and system 3.2...
  Anyone successfully mount a shared volume on a Leopard machine using another running Tiger?

  Finally figured this out. It has to do with the changes in how Leopard implements a Firewall. The firewall settings in Leopard have been moved from the "Sharing" panel to "Security".
  The solution for me was to go to the Leopard machine System Prefs and turn on file sharing. (Note that "Screen Sharing" only works between two Leopard systems) Add whatever folders you want shared; the default is to share only the "Public" folder. I also changed the users to "read & write"; the default is "read only" after highlighting the folders I wanted write privileges on. You have to do this folder by folder. If you want file sharing using anything but the Apple File Protocol (AFP), you have to set it under "options".
  Now go to the "Security" Panel and click "Firewall". The Leopard Firewall set to "Allow only essential services" blocks file sharing. Set it to "Set access for specific services and applications". You should see "File Sharing (AFP)" in the window.
  The Leopard system can now be found by browsing servers from other machines on the network.

• SMB not working from outside local network

  Hello,
  On my old MacBook I installed OS X Server to create a file sharing server.  I set it up using my public IP address so that I could access my files from outside the local network.  I don't have an Apple router, but I found the port number for SMB and AFP and did the port forwarding.  My issue is that smb stopped working.  It used to work out side the network because it tested it.  My Mac can still connect though outside the local network using my public IP.  I have no clue why SMB is not working as it was working recently.  My only idea is that I got a new modem from my ISP.  Could that make a difference?  I don't get it because AFP still works fine.  File sharing using SMB is checked in the server app and file sharing preferences so it is not that.  I am using OS X 10.8.4 on a MacBook running OS X Server version 2.2.1.  Any help would be appreciated. 
  Thanks,
  Michael

  Is it a modem only, or is it a modem/router that might be creating a double-NAT on your network?
  Incidentally, since you're running Server, you might want to use the built-in VPN gateway to give yourself better security - tunneling AFP/SMB through a router/firewall is pretty insecure.
  Matt

• Can i access my data on time capsule from some other network

  can i access my data on time capsule from some other network that is my data at home from office over internet

  There is plenty of info out there if you google..
  Here is a summary I just put into another thread.
  Remote access has been added back into iCloud that was in MobileMe..
  Read the info on setting it up from cloud service.. BTMM.
  http://www.apple.com/support/icloud/back-to-my-mac/
  If you want to do it without the cloud service, you have one major issue.. the public IP for WAN..
  The internal IP of the TC.. which will default to 10.0.1.1 btw.. is irrelevant. It is the IP of the WAN which you use to access the TC over the internet. And here you have a problem.. the TC does not include dyndns service. So unless you have a static IP address from your ISP, this will cause you grief.
  (If it is offered by your ISP.. get a static IP.. that eliminates all the issues.. and is far superior. Even dyndns service has issues if your public IP rotates too often. It is generally an extra cost item and requires a business account but some ISP offer it cheap or even free.. I joined an ISP that offered static ip for free because it gives me the ability to remote access my network without all the hassles you will see below.)
  There are ways around it.. setting up your own domain for instance.
  http://dyn.com/support/airport-time-capsule-with-dynamic-dns/
  But it is easier to simply use a different router.. almost all of them have dyndns service available.. place the TC behind the router in bridge and forward port 548 TCP to it.
  This is a bit old but still relevant.
  http://gigaom.com/apple/access-your-time-capsule-over-the-internet/
  Note .. there is no ftp, http, ssh (there is actually but it isn't accessible), or any other service to allow connection other than AFP.. so you must use a Mac in remote location to access the TC.
  The setup for the two methods is slightly different in the TC.. in the first instance, you need to turn on WAN access via disk sharing page in the manual setup.
  In the second case you do not need this.
  Remember security and put strong passwords on the disk. There are still security questions about this.
  If security is important.. there is a third and better (IMO) method and that is vpn.. you will need to buy a vpn router as TC also missed out on that.. establish a vpn with the main router and that will allow you access to your network.. you will also then be able to use SMB remotely not just AFP.
  Also if this office is a large company they should be running a firewall, which would block your access to home. You should check your IT admin people for what is allowed.. generally the only acceptable method is vpn otherwise you can drag viruses and trojans right into the network without the firewall catching them.

• Open Directory access from outside of network / internet

  Hello all,
  Got a question I'd love to get some help on, I have some users who are outside of my network and I'd like them to connect into the open directory on our leopard server so they can use the Shared iCal calendars, addresses, etc.
  So my questions are A) Is it possible to connect in from outside the network and get access to the directory without having to have a seperate user account and use our VPN every time you want to connect? - if not is this the only way to do it (would you have to connect via the Mac VPN and then connect to the directory?)
  B) is it possible to do this "seamlessly" so that you don't have to change any settings, login details each time you switch between your local user from outside the network and your directory access. (so basically if you are in iCal if you have internet access it will connect you to the directory, without you doing anything extra?)
  Hope that makes sense, I can't seem to find the answers I need in the manuals, if I knew how this was meant to work I could probably have a fair go at figuring out how to actually do it (firewall changes etc)
  Thanks in advance for the help
  Martin

  So my questions are A) Is it possible to connect in from outside the network and get access to the directory without having to have a seperate user account and use our VPN every time you want to connect? - if not is this the only way to do it (would you have to connect via the Mac VPN and then connect to the directory?)
  If your OD server is visible from the internet -- i.e., it has a public address -- then you can do this without the VPN. However, it's not advisable to have a server exposed in that fashion.
  You would be better off doing this through the VPN:
  - Remote user connects to internet at hotel, for example.
  - Remote user initiates VPN connection.
  - Remote user now has access to iCal server and directory information.
  Explain to the users that this information is private to the company, and private company resources are only available through the VPN. Allowing access without the VPN would be similar to the company posting its Employee roster and meeting calendars on the face of the building where any person (or competitor) could see them.
  B) is it possible to do this "seamlessly" so that you don't have to change any settings, login details each time you switch between your local user from outside the network and your directory access. (so basically if you are in iCal if you have internet access it will connect you to the directory, without you doing anything extra?)
  It's just one extra step: Connect to VPN. You're still the same local user on the computer.
  If you're talking about laptop users needing directory access to authenticate when logging into their computers, well...That sounds like a whole other situation.
  Hopefully this helps.
  Bryan Vines

• Access SAP through SAPRouter from outside of Network

  Hello All,
  As my SAPRouter cerificate got expired  i genrated new certificate & import same into SAProuter. And this time my router is working fine.
  But this time i want to access from outside of network so added this entries in my SAProutab as follow:
  KT "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" 194.39.131.34 *
  KP "p:CN=sapserv2, OU=SAProuter, O=SAP, C=DE" <Public ip>
  P <Public ip> 194.39.131.34 3299
  P <my router ip> 194.39.131.34 3299
  P 172.16.. 194.39.131.34 3299
  P 194.39.131.34 172.16..
  P 194.39.131.34 <Public ip> 3299
  S * <my SAP ip> 3200
  P <Public ip> <my SAP ip> 3200
  Note:
  SAP System No: 00
  DEV_Rout
  trc file: "dev_rout", trc level: 1, release: "700"
  Thu Sep 30 11:38:25 2010
  SAP Network Interface Router, Version 38.10
  command line arg 0: F:\usr\sap\saprouter\saprouter.exe
  command line arg 1: -r
  command line arg 2: -W
  command line arg 3: 60000
  command line arg 4: -R
  command line arg 5: F:\usr\sap\saprouter\saprouttab
  command line arg 6: -K
  command line arg 7: p:CN=<HOSTNAME>,OU=0000*****,OU=SAProuter,O=SAP,C=DE
  SncInit(): Initializing Secure Network Communication (SNC)
  PC with Windows NT (mt,ascii,SAP_UC/size_t/void* = 16/64/64)
  SncInit(): Trying environment variable SNC_LIB as a
  gssapi library name: "F:\usr\sap\saprouter\nt-x86_64\sapcrypto.dll".
  File "F:\usr\sap\saprouter\nt-x86_64\sapcrypto.dll" dynamically loaded as GSS-API v2 library.
  The internal Adapter for the loaded GSS-API mechanism identifies as:
  Internal SNC-Adapter (Rev 1.0) to SECUDE 5/GSS-API v2
  main: pid = 2028, ppid = 0, port = 3299, parent port = 0 (0 = parent is not a saprouter)
  reading routtab: 'F:\usr\sap\saprouter\saprouttab'
  I am not able to access my sap from outside of network.
  SAP Router String: /H/<PUBLIC IP>/S/3299/H
  Any idea. Thnaks in advance
  Regards.

  Hi,
  Hope you have private external IP than dynamic which changes every now and then you can this:
  P <Public ip> * 3299 or P <Public ip> SID_IP 3299
  Also look for your the logs for saprouter and your router logs if this not works.
  Regards;

• Do I need a domain name in order to connect to my Mini Server 10.8.2 from outside my network?

  I am working on setting up my mac mini server. Aside from in home file sharing I want ot be able to connect to some files remotely and even upload files, say pictures from my camera, to my server from outside my network. I am only looking to have maybe 2 users that have access. Should I get a domain name from a place like GoDaddy? in order to set up server to use domain in initial setup? I have 2 Drobos connected with my music, videos and pictures and I wat to access them from an Android, Windows and iPod device when away from home. Any how-tos out there or good step by step guides?
  Thanks for any information.
  -Peace
  -Dave

  A normal address like www.domain.com is intended to work with static IP addresses, DynDNS is a service specifically intended for dynamic addresses and it will therefore automatically update the address e.g. name.dyndns.org to match the dynamic IP address each time it changes.
  Some home broadband routers have built-in support to act as a DynDNS client but if yours does not then you can run the DynDNS software on your Mac server. This will then tell the DynDNS servers what your current dynamic IP address is so they can map it to your host name.
  The result will be that your users can use a name like yourname.dyndns.org to access your server and not have to worry about the fact your IP address may change.
  You would still need to run a VPN server to allow your remote users to connect to your network but OS X Server can do this. You could also run a website but depending on your needs that might be better done by using a web hosting service.

• Unable to restrict afp folder access using File Sharing in System Prefs

  If I share files using AFP, and authenticate using a standard account from another machine on the LAN, I can browse and access ALL files and folders on the machine, not just those specified under "Shared Folders" in System Preferences->Sharing->File Sharing. Machine is running OS 10.6.5.

  ...You shouldn't be able to authenticate as a user/account that is not on the local machine.
  Also for each item listed in Sharing Preferences, you have to specify POSIX permissions for specific users, check to make sure 'everyone' isn't set to read and write.

• File sharing/AFP skips "connect as"

  I have a Mac-Lion and several accounts, both user and admin.  I turned file sharing on and selected AFP.  I can connect from another Mac-Yosemite as expected - to any account on Mac-Lion by entering the password when prompted.  With one exception.
  I have an admin account xyz on Mac-Lion and an admin account xyz on Mac-Yosemite, different passwords. On Mac-Yosemite, in the account xyz when "connect to server", it skips the "connect as" prompt.  Connects straight to xyz on MBP-Lion. However, this does happen vice-versa. I also tested other accounts, say abc on Mac-Lion and abc on Mac-Yosemite, admin or standard user. No problem, always goes to the "connect as" window and asks for a password.
  I also changed the password of xyz on MBP Lion many times, and delete the keychain, restarted, etc.  Also, MBP-Lion is off-cloud.  Still thee is this mysterious one-way password-free connection between the two accounts. What could that be and how can I reset it?
  Thanks in advance.

  It turns out the iCloud causes this behavior. If I sign off iCloud in the account xyz on Mac-Yosemite, then I am prompted with the regular login window when I connect to Mac-Lion.  So some setting on Mac-Lion grants password fee access to connections from account xyz on Mac-Yosemite as long as that account is logged in iCloud. (xyz on Mac-Lion used to be signed in the same iCloud account, but I signed out and reset the keychain).  Any idea where that could be so that i can reset it?

• Concerns with File Sharing using SMB

  I'm trying to get the windows on my home network to be able to view certain shared folders on my iMac
  When I enable SMB file sharing the windows PC gets to see most of my iMac and not just the shared folders with the appropriate read/write controls
  What am I doing wrong?
  thanks, Paul
  Snow Leopard 10.6.2
  Windows XP Home SP3

  I see the exact same thing - did you solve this? any info from anyone?

• How to access jpeg files on icloud drive from your iphone (5s)

  Can anyone tell me how to access a jpeg file on icloud drive from iphone? I have upgraded my macbook pro (with retina) to Yosemite, and my iphone is on ios 8.01 and I have turned on icloud drive. The only content I have seen online is accessing word docs through Pages which I get - but what about jpeg files? Thank you!

  At the moment, you can't.  A favourite complaint.  Hopefully, the situation will change in the near future, but only Apple knows when or if.