Client Network Shares Via RWA

How can I add client shares to the remote web access as described here: 
http://jpd.ms/network-drives-on-sbs-2011-remote-web-folders/
I have tried the suggested actions. That being:
"On your SBS server navigate to C:\Program Files\Windows Small Business Server\Bin\RemoteAccess.  Locate and BACKUP a
file named web.config.  Open the file up in notepad, just drag it in.  Search for;
<wssg.storageProvider type="Microsoft.WindowsServerSolutions.Web.Storage.SBSStorageProvider, Wssg.Web.StorageProvider" />
Comment this line out by adding <!-- and --> respectively;
<!-- <wssg.storageProvider type="Microsoft.WindowsServerSolutions.Web.Storage.SBSStorageProvider, Wssg.Web.StorageProvider" /> -->
Now directly below that line add the following;
<wssg.storageProvider type="Microsoft.WindowsServerSolutions.Web.Storage.FileSystemBasedStorageInformationProvider, Wssg.Web.Internal" shares="\\fileserver\Share1;\\fileserver2\Share2" />
Obviously replace \\fileserver\share1, etc. with the UNC for your shares.  Once you do this run an iisreset or just reboot.  Test and enjoy."
I am now getting the "Gadget failed to load" error. Does anyone know what changed from 2011 to 2012?

Hi,
Based on your description, do you mean that you want specific users to access a specific folder in RWA? Sorry, I’m a little confused by your problem. If I have misunderstood anything, please don’t hesitate to let me know.
If you want specific users to access a specific folder in RWA, please open the Dashboard and navigate to STORAGE. In the Server Folders tab, select the Add a folder task to add folders. In the Add a Folder wizard, if you want to store the folder in another location (not locally), you can click the “Browse…” button to select other locations on other servers. Then configure the correct permissions for specific users to access this folder in the Add a Folder wizard.
Then, the specific users (and the administrator) will be able to access the specific folder in RWA.
If there is any update, please feel free to let me know.
Hope this helps.
Best regards,
Justin Gu
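
An added example, not part of the original thread or the quoted blog post: a Python check that an edited RemoteAccess web.config is still well-formed XML, carries no typographic quotes or dashes left over from copy-and-paste, and has one active wssg.storageProvider whose shares are UNC paths. The sample documents, the <configuration> wrapper and the function name are constructed for illustration, and "exactly one active provider" is an assumption drawn from the quoted steps.

```python
import re
import xml.etree.ElementTree as ET

# Characters that blog engines and word processors substitute for ASCII
# quotes and hyphens; none of them is valid XML attribute or comment syntax.
TYPOGRAPHIC = {
    "\u201c": "left double quote",
    "\u201d": "right double quote",
    "\u2018": "left single quote",
    "\u2019": "right single quote",
    "\u2033": "double prime",
    "\u2013": "en dash",
    "\u2014": "em dash",
}
UNC = re.compile(r"^\\\\[^\\/;]+\\[^\\/;]+(\\[^\\/;]+)*$")


def check_web_config(text):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for ch in sorted(set(line) & set(TYPOGRAPHIC)):
            findings.append(f"line {lineno}: {TYPOGRAPHIC[ch]} (U+{ord(ch):04X})")
    try:
        root = ET.fromstring(text)
    except ET.ParseError as exc:
        findings.append(f"not well-formed XML: {exc}")
        return findings
    # The parser drops comments, so a commented-out provider is not counted.
    providers = list(root.iter("wssg.storageProvider"))
    if len(providers) != 1:  # assumption: the quoted steps leave one active provider
        findings.append(f"expected 1 active wssg.storageProvider, found {len(providers)}")
    for provider in providers:
        shares = provider.get("shares")
        if shares is None:
            continue  # the stock provider line has no shares attribute
        for share in filter(None, (s.strip() for s in shares.split(";"))):
            if not UNC.match(share):
                findings.append(f"not a UNC share path: {share!r}")
    return findings


# Constructed sample: the two provider lines from the post inside a minimal wrapper.
GOOD = r"""<configuration>
  <!-- <wssg.storageProvider type="Microsoft.WindowsServerSolutions.Web.Storage.SBSStorageProvider, Wssg.Web.StorageProvider" /> -->
  <wssg.storageProvider type="Microsoft.WindowsServerSolutions.Web.Storage.FileSystemBasedStorageInformationProvider, Wssg.Web.Internal" shares="\\fileserver\Share1;\\fileserver2\Share2" />
</configuration>"""

# Constructed sample: the same text as it looks after a copy from a web page
# that rewrote the quotes and the comment markers.
PASTED = (GOOD.replace('"', "\u201d")
              .replace("<!--", "<!\u2014-")
              .replace("-->", "\u2014->"))

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("PASTED", PASTED)):
        print(name, check_web_config(doc) or "ok")
```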

Similar Messages

  • Windows 8.1 system unable to access network shares via VPN connection

    Is there something inherent to Windows 8.1 that prevents it from accessing shares on a domain?
    I know that it cannot join a domain, but does that also mean that it cannot access shares which are on a domain?
    My problem is that I have several users that are running Windows 8.1 that are connecting to our network via a VPN.
    The users have domain accounts but their computers, as Windows 8.1, cannot be joined to the domain.
    So to access network shares they have to use their domain credentials to create a VPN connection.
    Once connected the user can RDP to systems on the domain using their domain accounts, so I know that their user names/passwords and permissions are correct. They can access these systems using the computer name, so I don't feel that I have a DNS issue.
    They can see the shares on our file server, but when they try to access their department's shared file, they receive an access denied message. There are a few shares that are completely wide open, shared to all users and all departments, but they cannot access those shares either.
    You can ping the file server from the client when they are connected to the VPN, but you just cannot access any of the shares.
    So...
    I am thinking that it has something to do with windows 8.1 and not being able to join a domain, but I cannot find anything to explicitly support this thought.
    Other users running a variety of different OSes (Windows 7, OSX, Linux) can all access the shares without any problems via the VPN, so I am a little stumped.

    I have done some more testing and oddly enough I can map a drive if I use the IP address, but not the computer name, when checking the check box "connect using different credentials" and providing the user's domain credentials.
    This seems to point to a DNS issue, one would think, but I can hit the file share server by name \\fileserver.dev.lan
    I can see all the shares, so dns seems to be fine right?
    So I don't understand why I can map a drive using the IP address and not the machine name, but yet I can see and ping the server by name?
    When I try to create a mapped drive by machine name I receive the following message:
    Windows cannot access \\fileserver.dev.lan\all
    You do not have permissions to access \\fileserver.dev.lan. contact your network administrator  to request access.
    But if I use the \\x.x.x.x\all using the very same user and password I get connected with no problem.
    This only seems to happen on windows 8.1, which leads me to think that has something to do with OS. 
    I am thinking about upgrading to Windows 8.1 Pro, but I don't want to go through the hassle and expense if the OS is not the problem.

  • Mounting a network share via Applescript or Automator causes errors in MS Office apps

    If I connect a network share using an automated process, either using Applescript or Automator, though the share shows up on the Desktop and I can open it and view the various folders and files, MS Office apps including Powerpoint, Excel and Word are unable to open the files.   Each gives a slightly different error message.  In Excel, it looks like this:
    In Word, it's:
    In Powerpoint, it's:
    BUT, if I connect to the server share manually (using Cmnd-K in Finder), all files and folders are properly accessible.  I cannot see any differences between the shares connected by the two different means on the Desktop.  They have the same name, are the same size, etc.; in short, everything about them seems identical.  I even took screen shots of the Get Info page from one of them connected by the different methods:
    "home" connected by Automator:
    and connected manually:
    Does anyone have any ideas as to why this is happening or how to fix it?

  • Trying to resolve ntlmv errors mounting CIFS network shares via fstab

    Kernel: 3.4.2-2
    WM: Openbox
    About 6 months or so ago, which was after about a year on my current install with no issue, I began getting an ntlmv error when auto mounting samba shares at
    boot.  Everything still worked but I continued getting an error message.
    My fstab entry at that time looked like this:
    //<LAN_IP>/<share name>/ /mnt/Serverbox cifs credential=/path/to/file,file_mode=0777,dir_mode=0777 0 0
    The error I received looked like this:
    CIFS VFS: default security mechanism requested. The default security mechanism will be upgraded from ntlm to ntlmv2 in kernel release 3.3
    So I did what research I could on the error, found the "sec" option and discovered that adding the "sec=ntlmv2" option to my above noted fstab entry got
    rid of the error message and everything still worked perfectly; that is until this weekend.
    After upgrading both machines this weekend I noticed a new boot time error message and saw that my shares were no longer being mounted.
    relevant boot log:
    Mounting Network Filesystems [BUSY] mount error(22): Invalid argument
    Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
    relevant everything log:
    CIFS VFS: bad security option: ntlmv2
    /var/log/pacman from the weekend's upgrade:
    [2012-06-16 13:03] Running 'pacman -Syu'
    [2012-06-16 13:03] synchronizing package lists
    [2012-06-16 13:03] starting full system upgrade
    [2012-06-16 13:10] removed dbus-python (1.0.0-1)
    [2012-06-16 13:10] upgraded linux-api-headers (3.3.2-1 -> 3.3.8-1)
    [2012-06-16 13:10] Generating locales...
    [2012-06-16 13:10] en_US.UTF-8... done
    [2012-06-16 13:10] en_US.ISO-8859-1... done
    [2012-06-16 13:10] Generation complete.
    [2012-06-16 13:10] upgraded glibc (2.15-10 -> 2.15-11)
    [2012-06-16 13:10] upgraded bison (2.5-3 -> 2.5.1-1)
    [2012-06-16 13:10] upgraded libpng (1.5.10-1 -> 1.5.11-1)
    [2012-06-16 13:10] upgraded cairo (1.12.2-1 -> 1.12.2-2)
    [2012-06-16 13:10] upgraded libwbclient (3.6.5-2 -> 3.6.5-3)
    [2012-06-16 13:10] upgraded cifs-utils (5.4-1 -> 5.5-1)
    [2012-06-16 13:10] upgraded sqlite (3.7.12.1-1 -> 3.7.13-1)
    [2012-06-16 13:10] upgraded colord (0.1.21-1 -> 0.1.21-2)
    [2012-06-16 13:10] installed pambase (20120602-1)
    [2012-06-16 13:10] upgraded pam (1.1.5-3 -> 1.1.5-4)
    [2012-06-16 13:10] upgraded libcups (1.5.3-4 -> 1.5.3-5)
    [2012-06-16 13:10] upgraded cups (1.5.3-4 -> 1.5.3-5)
    [2012-06-16 13:10] installed python-dbus-common (1.1.0-2)
    [2012-06-16 13:10] installed python2-dbus (1.1.0-2)
    [2012-06-16 13:10] upgraded dconf (0.12.1-1 -> 0.12.1-2)
    [2012-06-16 13:10] upgraded desktop-file-utils (0.19-1 -> 0.20-1)
    [2012-06-16 13:10] upgraded firefox (13.0-2 -> 13.0.1-1)
    [2012-06-16 13:10] upgraded freetype2 (2.4.9-2 -> 2.4.10-1)
    [2012-06-16 13:10] upgraded initscripts (2012.05.1-3 -> 2012.06.1-1)
    [2012-06-16 13:10] upgraded jre7-openjdk-headless (7.u4_2.2-1 -> 7.u5_2.2.1-1)
    [2012-06-16 13:10] upgraded jre7-openjdk (7.u4_2.2-1 -> 7.u5_2.2.1-1)
    [2012-06-16 13:10] upgraded jdk7-openjdk (7.u4_2.2-1 -> 7.u5_2.2.1-1)
    [2012-06-16 13:10] upgraded kdelibs (4.8.4-1 -> 4.8.4-2)
    [2012-06-16 13:10] upgraded libdrm (2.4.33-1 -> 2.4.35-1)
    [2012-06-16 13:10] upgraded libglapi (8.0.3-2 -> 8.0.3-3)
    [2012-06-16 13:10] upgraded liblrdf (0.4.0-9 -> 0.5.0-1)
    [2012-06-16 13:10] upgraded libmysqlclient (5.5.24-1 -> 5.5.25-1)
    [2012-06-16 13:10] installed khrplatform-devel (8.0.3-3)
    [2012-06-16 13:10] installed libegl (8.0.3-3)
    [2012-06-16 13:10] upgraded nvidia-utils (295.53-1 -> 295.59-1)
    [2012-06-16 13:10] upgraded libva (1.0.15-1 -> 1.1.0-1)
    [2012-06-16 13:10] upgraded mkinitcpio (0.9.1-1 -> 0.9.2-2)
    [2012-06-16 13:10] >>> Updating module dependencies. Please wait ...
    [2012-06-16 13:10] >>> Generating initial ramdisk, using mkinitcpio. Please wait...
    [2012-06-16 13:10] ==> Building image from preset: 'default'
    [2012-06-16 13:10] -> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux.img
    [2012-06-16 13:10] ==> Starting build: 3.4.2-2-ARCH
    [2012-06-16 13:10] -> Running build hook: [base]
    [2012-06-16 13:10] -> Running build hook: [udev]
    [2012-06-16 13:10] -> Running build hook: [autodetect]
    [2012-06-16 13:10] -> Running build hook: [pata]
    [2012-06-16 13:10] -> Running build hook: [scsi]
    [2012-06-16 13:10] -> Running build hook: [sata]
    [2012-06-16 13:10] -> Running build hook: [filesystems]
    [2012-06-16 13:10] -> Running build hook: [usbinput]
    [2012-06-16 13:10] -> Running build hook: [fsck]
    [2012-06-16 13:10] ==> Generating module dependencies
    [2012-06-16 13:10] ==> Creating xz initcpio image: /boot/initramfs-linux.img
    [2012-06-16 13:10] ==> Image generation successful
    [2012-06-16 13:10] ==> Building image from preset: 'fallback'
    [2012-06-16 13:10] -> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux-fallback.img -S autodetect
    [2012-06-16 13:10] ==> Starting build: 3.4.2-2-ARCH
    [2012-06-16 13:10] -> Running build hook: [base]
    [2012-06-16 13:10] -> Running build hook: [udev]
    [2012-06-16 13:10] -> Running build hook: [pata]
    [2012-06-16 13:10] -> Running build hook: [scsi]
    [2012-06-16 13:10] -> Running build hook: [sata]
    [2012-06-16 13:10] -> Running build hook: [filesystems]
    [2012-06-16 13:10] -> Running build hook: [usbinput]
    [2012-06-16 13:10] -> Running build hook: [fsck]
    [2012-06-16 13:10] ==> Generating module dependencies
    [2012-06-16 13:10] ==> Creating xz initcpio image: /boot/initramfs-linux-fallback.img
    [2012-06-16 13:11] ==> Image generation successful
    [2012-06-16 13:11] upgraded linux (3.3.8-1 -> 3.4.2-2)
    [2012-06-16 13:11] upgraded lirc-utils (1:0.9.0-16 -> 1:0.9.0-18)
    [2012-06-16 13:11] upgraded mesa (8.0.3-2 -> 8.0.3-3)
    [2012-06-16 13:11] upgraded mysql-clients (5.5.24-1 -> 5.5.25-1)
    [2012-06-16 13:11] upgraded mysql (5.5.24-1 -> 5.5.25-1)
    [2012-06-16 13:11] upgraded nvidia (295.53-1 -> 295.59-1)
    [2012-06-16 13:11] upgraded opencl-nvidia (295.53-1 -> 295.59-1)
    [2012-06-16 13:11] upgraded pango (1.30.0-1 -> 1.30.1-1)
    [2012-06-16 13:11] upgraded pcmanfm (0.9.10-1 -> 0.9.10-2)
    [2012-06-16 13:11] upgraded psmisc (22.16-1 -> 22.17-1)
    [2012-06-16 13:11] upgraded smbclient (3.6.5-2 -> 3.6.5-3)
    [2012-06-16 13:11] upgraded thunderbird (13.0-1 -> 13.0.1-1)
    [2012-06-16 13:11] upgraded udisks2 (1.94.0-1 -> 1.94.0-2)
    [2012-06-16 13:11] upgraded unrar (4.2.3-1 -> 4.2.4-1)
    [2012-06-16 13:11] upgraded virtualbox-archlinux-modules (4.1.16-1 -> 4.1.16-2)
    [2012-06-16 13:11] In order to use the new version, reload all virtualbox modules manually.
    [2012-06-16 13:11] upgraded virtualbox-modules (4.1.16-1 -> 4.1.16-2)
    [2012-06-16 13:11] upgraded xine-ui (0.99.6-5 -> 0.99.7-1)
    [2012-06-16 13:11] Running 'pacman -Syy'
    [2012-06-16 13:11] synchronizing package lists
    [2012-06-16 13:12] Running 'pacman -Syu'
    [2012-06-16 13:12] synchronizing package lists
    [2012-06-16 13:12] starting full system upgrade
    [2012-06-16 13:13] upgraded lib32-freetype2 (2.4.9-1 -> 2.4.10-1)
    [2012-06-16 13:13] upgraded lib32-gnutls (3.0.19-1 -> 3.0.20-1)
    [2012-06-16 13:13] upgraded lib32-krb5 (1.10.1-2 -> 1.10.2-1)
    [2012-06-16 13:13] upgraded lib32-libpng (1.5.10-2 -> 1.5.11-1)
    [2012-06-16 13:13] upgraded lib32-libx11 (1.4.99.902-1 -> 1.5.0-1)
    [2012-06-16 13:13] upgraded lib32-nvidia-utils (295.53-1 -> 295.59-1)
    [2012-06-16 13:13] upgraded lib32-sqlite3 (3.7.11-1 -> 3.7.13-1)
    [2012-06-16 13:13] upgraded lib32-util-linux (2.21.1-1 -> 2.21.2-1)
    [2012-06-16 13:13] upgraded lib32-xcb-util (0.3.8-1 -> 0.3.9-1)
    [2012-06-16 13:13] upgraded wine (1.5.5-1 -> 1.5.6-1)
    Currently returning to the old fstab entry once again gives the initial error code about the security mechanism being upgraded in kernel release x.x (it always seemed to change with each kernel change) though the shares seem to mount just fine. I've looked through the wiki, man pages on die.net and googled everything I can think of and I find a lot of pages mentioning ntlmv errors with no solutions, many telling me that ntlmv and ntlmv2 are mount options, but nothing that gives me any indication on why I might be getting this error or how to go about looking for a solution.
    I've looked through the pacman logs on both my desktop and my file server that I'm connecting to in an effort to determine what might have changed and I found that:
    the smbclient had been upgraded on both machines so I tried downgrading back to version 3.6.5-2 but there was no change when rebooting.
    I also found cifs-utils had been upgraded on the file server.  So I downgraded that as well to the previous version (5.4-1), rebooted both machines and I'm still getting the same invalid argument error.
    I've now gone back and upgraded to the most recent versions of the downgraded packages on each machine but I'm at a loss as to what my next steps should be.  Where do I go from here to track this down and determine if this is a bug or configuration error?  Is there a cleaner way of mounting these shares that I should be using instead of fstab?
    Thank you.

    I had the same issue. After upgrading kernel to 3.4.5 today the cifs share mounted with original fstab settings. I believe it was caused by this bug:
    kernel changelog wrote:    The double delimiter check that allows a comma in the password parsing code is
        unconditional. We set "tmp_end" to the end of the string and we continue to
        check for double delimiter. In the case where the password doesn't contain a
        comma we end up setting tmp_end to NULL and eventually setting "options" to
        "end". This results in the premature termination of the options string and hence
        the values of UNCip and UNC are being set to NULL. This results in mount failure
        with "Connecting to DFS root not implemented yet" error.
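
As an added example (not part of the original posts): a small Python linter for the cifs lines of an fstab. It covers the sec= option the thread revolves around, flagging values that select NTLMv1, LANMAN or a null session, and also flags inline passwords and world-writable file_mode/dir_mode as used in the posted entry. The sample entries, addresses and function name are constructed.

```python
# sec= values that select NTLMv1, LANMAN or a null session.
WEAK_SEC = {
    "none": "null session, no user authentication",
    "lanman": "LANMAN hashes",
    "ntlm": "NTLMv1",
    "ntlmi": "NTLMv1 with signing",
}


def audit_cifs_fstab(text):
    """Return (line number, code, detail) for each risky CIFS mount option."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4 or fields[2] != "cifs":
            continue
        opts = {}
        for opt in fields[3].split(","):
            key, _, value = opt.partition("=")
            opts[key] = value
        sec = opts.get("sec")
        if sec is None:
            # Without sec= the kernel default applies, and the log message
            # quoted in the post shows that default changing between releases.
            findings.append((lineno, "sec-missing", "authentication left to the kernel default"))
        elif sec in WEAK_SEC:
            findings.append((lineno, "sec-weak", f"sec={sec}: {WEAK_SEC[sec]}"))
        for key in ("password", "pass"):
            if key in opts:
                findings.append((lineno, "inline-password", f"{key}= stored in fstab"))
        for key in ("file_mode", "dir_mode"):
            mode = opts.get(key)
            try:
                world_writable = bool(mode) and bool(int(mode, 8) & 0o002)
            except ValueError:
                world_writable = False  # not an octal mode; nothing to assess
            if world_writable:
                findings.append((lineno, "world-writable", f"{key}={mode}"))
    return findings


# Constructed entries modelled on the fstab line in the post.
SAMPLE_FSTAB = """\
# <share> <mount point> <type> <options> <dump> <pass>
//192.0.2.10/media /mnt/Serverbox cifs credentials=/etc/cifs-cred,file_mode=0777,dir_mode=0777 0 0
//192.0.2.10/backup /mnt/backup cifs username=backup,password=example,sec=ntlm 0 0
//192.0.2.10/docs /mnt/docs cifs credentials=/etc/cifs-cred,sec=ntlmssp,file_mode=0640,dir_mode=0750 0 0
"""

if __name__ == "__main__":
    for finding in audit_cifs_fstab(SAMPLE_FSTAB):
        print(finding)
```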

  • [SOLVED] LibreOffice and Network Shares via Gigolo

    My work desktop mounts shares in Active Directory using Gigolo. I am able to mount, browse and generally be at peace with the world with this setup with Thunar and Nautilus, and everything else (eg, gedit).
    For some reason, LibreOffice refuses to show any of the network mounts. When I try and save a document, the mounted shares just aren't there. I would expect them to show under "My Documents" in the left of this screenshot.
    Browsing to ~/.gvfs/ doesn't display anything either.
    If I try and open a file from any of the shares by double-clicking them in Thunar/Nautilus then I get the LibreOffice splash screen and then nothing. The main window doesn't open and the process terminates.
    Any ideas folks?
    Last edited by fukawi2 (2013-11-18 22:16:22)

    Well that's embarrassing that it was that easy. That makes the whole thing look much better too. I had no idea there was a split of a separate Gnome package, but looking at the wiki it doesn't appear to be mentioned anywhere other than for making everything look nicer. I might fix that up.
    Thanks Awebb   +50 internets for you.

  • Unattend Hit an error while pulling drivers from Network Share

    Hi All,
    I've run into an error with installing apps from network share via SynchronousCommands under Specialize pass in unattended answer file. I've been trying to work on it since yesterday and haven't had any success so far. It keeps failing with an error below.
    This error is from setupact.log file and I've just pasted only the error from the file .
    synchronously
    2014-09-27 06:31:20, Info                         [SETUPUGC.EXE] Process returned with exit code 0x0
    2014-09-27 06:31:45, Error                        [SETUPUGC.EXE] Hit an error (hr = 0x80070056) while running [\\WDS-DEP-SERV\E\Distribution\Drivers\setup64.exe
    /s ]
    2014-09-27 06:31:45, Info       [0x090009] PANTHR CBlackboard::Close: c:\windows\panther\commandexec\commandexec.
    2014-09-27 06:31:45, Info                         [SETUPUGC.EXE] SetupUGC returning with exit code [4]
    This error is from setuperr.log.
    2014-09-27 06:31:45, Error                        [SETUPUGC.EXE] Hit an error (hr = 0x80070056) while running [\\WDS-DEP-SERV\E\Distribution\Drivers\setup64.exe
    /s ]
    Let me explain this situation. I've a server named WDS-DEP-SERV which is running my WDS, DHCP and DNS. I've an E drive on this server which contains setup64.exe and I'm trying to have the client pull that .exe via unattend answer file and install it either
    during Specialize pass under windows deployment services via Synchronouscommands or under OOBE pass under Windows Shell setup via FirstLogoncommands ---> Synchronouscommands, but it's not working. I believe that my path format for network share is wrong.
    I've searched online almost everywhere since yesterday but I couldn't find anything.
    Can anyone please let me know what's the right way to go about doing it? This is the only thing that's not working for me. Below is my answer file, in case someone needs to see what I'm doing wrong.
    Thanks and hope to hear from someone.
    <?xml version="1.0" encoding="utf-8"?>
    <unattend xmlns="urn:schemas-microsoft-com:unattend">
        <settings pass="specialize">
            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <ComputerName>WIN-8-DEPL</ComputerName>
                <ProductKey>MHF9N-XY6XB-WVXMC-BTDCT-MKKG7</ProductKey>
                <RegisteredOrganization>Microsoft</RegisteredOrganization>
                <RegisteredOwner>AutoBVT</RegisteredOwner>
                <ShowWindowsLive>false</ShowWindowsLive>
                <TimeZone>eastern standard time</TimeZone>
                <CopyProfile>true</CopyProfile>
                <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
            </component>
            <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <RunSynchronous>
                    <RunSynchronousCommand wcm:action="add">
                        <Order>1</Order>
                        <Path>net user administrator /active:no</Path>
                        <Description>Enabling Built in Administrator Account</Description>
                        <WillReboot>Never</WillReboot>
                    </RunSynchronousCommand>
                    <RunSynchronousCommand wcm:action="add">
                        <Description>DisableNetworkLocationPrompt</Description>
                        <Order>2</Order>
                        <Path>REG ADD &quot;HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork&quot; /v Category
    /t REG_DWORD /d 00000000 /f</Path>
                        <WillReboot>Never</WillReboot>
                    </RunSynchronousCommand>
                    <RunSynchronousCommand wcm:action="add">
                        <Path>REG ADD &quot;HKLM\System\CurrentControlSet\Services\Tcpip6\parameters&quot; /v DisabledComponents /t REG_DWORD /d 0xFF /f</Path>
                        <Order>4</Order>
                        <Description>Diasbling IPV6</Description>
                        <WillReboot>Never</WillReboot>
                    </RunSynchronousCommand>
                    <RunSynchronousCommand wcm:action="add">
                        <Credentials>
                            <Domain>Mikasa.local</Domain>
                            <Password>Administrator</Password>
                            <Username>Ghtwhts2015</Username>
                        </Credentials>
                        <Path>\\WDS-DEP-SERV\E\Distribution\Drivers\setup64.exe /s </Path>
                        <Description>Vmware Tool Installation</Description>
                        <Order>3</Order>
                        <WillReboot>Always</WillReboot>
                    </RunSynchronousCommand>
                </RunSynchronous>
            </component>
            <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"
    xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <SearchScopes>
                    <Scope wcm:action="add">
                        <ScopeDefault>true</ScopeDefault>
                        <ScopeDisplayName>Google</ScopeDisplayName>
                        <ScopeKey>Google</ScopeKey>
                        <SuggestionsURL>http://www.google.com/search?q={search Terms}</SuggestionsURL>
                        <ShowSearchSuggestions>true</ShowSearchSuggestions>
                        <ShowTopResult>true</ShowTopResult>
                    </Scope>
                </SearchScopes>
                <DisableAccelerators>true</DisableAccelerators>
                <DisableFirstRunWizard>true</DisableFirstRunWizard>
                <Home_Page>www.marca.com</Home_Page>
                <BlockPopups>yes</BlockPopups>
            </component>
            <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"
    xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <fDenyTSConnections>false</fDenyTSConnections>
            </component>
            <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <FirewallGroups>
                    <FirewallGroup wcm:action="add" wcm:keyValue="Remote Desktop">
                        <Active>true</Active>
                        <Group>Remote Desktop</Group>
                        <Profile>all</Profile>
                    </FirewallGroup>
                </FirewallGroups>
            </component>
            <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"
    xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <UserAuthentication>0</UserAuthentication>
                <SecurityLayer>1</SecurityLayer>
            </component>
            <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <SkipAutoActivation>true</SkipAutoActivation>
            </component>
            <component name="Microsoft-Windows-TCPIP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <Interfaces>
                    <Interface wcm:action="add">
                        <Identifier>00-50-56-30-85-87</Identifier>
                        <Ipv4Settings>
                            <DhcpEnabled>false</DhcpEnabled>
                            <Metric>10</Metric>
                            <RouterDiscoveryEnabled>false</RouterDiscoveryEnabled>
                        </Ipv4Settings>
                        <UnicastIpAddresses>
                            <IpAddress wcm:action="add" wcm:keyValue="1">172.16.5.21/24</IpAddress>
                        </UnicastIpAddresses>
                        <Routes>
                            <Route wcm:action="add">
                                <Identifier>0</Identifier>
                                <Prefix>0.0.0.0/0</Prefix>
                                <Metric>10</Metric>
                                <NextHopAddress>172.16.5.1</NextHopAddress>
                            </Route>
                        </Routes>
                    </Interface>
                </Interfaces>
            </component>
        </settings>
        <settings pass="oobeSystem">
            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <AutoLogon>
                    <Password>
                        <Value>RwBoAHQAdwBoAHQAcwAyADAAMQA2AFAAYQBzAHMAdwBvAHIAZAA=</Value>
                        <PlainText>false</PlainText>
                    </Password>
                    <Enabled>true</Enabled>
                    <LogonCount>10</LogonCount>
                    <Username>DarkKnight</Username>
                    <Domain></Domain>
                </AutoLogon>
                <OOBE>
                    <HideEULAPage>true</HideEULAPage>
                    <NetworkLocation>Home</NetworkLocation>
                    <ProtectYourPC>1</ProtectYourPC>
                    <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                    <HideWirelessSetupInOOBE>false</HideWirelessSetupInOOBE>
                </OOBE>
                <UserAccounts>
                    <AdministratorPassword>
                        <Value>RwBoAHQAdwBoAHQAcwAyADAAMQA2AEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAcwB3AG8AcgBkAA==</Value>
                        <PlainText>false</PlainText>
                    </AdministratorPassword>
                    <LocalAccounts>
                        <LocalAccount wcm:action="add">
                            <Password>
                                <Value>RwBoAHQAdwBoAHQAcwAyADAAMQA2AFAAYQBzAHMAdwBvAHIAZAA=</Value>
                                <PlainText>false</PlainText>
                            </Password>
                            <Description>Admin User Account</Description>
                            <DisplayName>Omar</DisplayName>
                            <Group>Administrators</Group>
                            <Name>Omar</Name>
                        </LocalAccount>
                    </LocalAccounts>
                </UserAccounts>
                <RegisteredOrganization>Mikasa</RegisteredOrganization>
                <RegisteredOwner>Mikasa</RegisteredOwner>
                <ShowWindowsLive>false</ShowWindowsLive>
                <TimeZone>eastern standard time</TimeZone>
            </component>
            <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <InputLocale>en-US</InputLocale>
                <SystemLocale>en-US</SystemLocale>
                <UILanguage>en-US</UILanguage>
                <UserLocale>en-US</UserLocale>
                <UILanguageFallback></UILanguageFallback>
            </component>
        </settings>
        <settings pass="generalize">
            <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <SkipRearm>1</SkipRearm>
            </component>
        </settings>
        <settings pass="offlineServicing">
            <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <EnableLUA>false</EnableLUA>
            </component>
        </settings>
        <cpi:offlineImage cpi:source="wim:e:/windows-os-images/win8.1x86ent-wimfiles/install.wim#Windows 8.1 Enterprise" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
    </unattend>
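
As an added example (not part of the original post): a Python audit that lists every credential an unattend answer file carries and classifies how it is stored, without printing the secret. A value with PlainText set to false is only base64 of the UTF-16LE password with the element name appended, so it is reported as reversible. The sample file, account names and function names are constructed; treating a missing PlainText element as plaintext is an assumption.

```python
import base64
import xml.etree.ElementTree as ET

NS = "{urn:schemas-microsoft-com:unattend}"
SECRET_TAGS = ("Password", "AdministratorPassword")


def _classify(elem, tag):
    """Say how one Password/AdministratorPassword element is stored."""
    value = elem.find(NS + "Value")
    if value is None:
        # Shape used by <Credentials>: the secret is the element text itself.
        return "plaintext" if (elem.text or "").strip() else "empty"
    # Assumption: a missing <PlainText> element means the value is plaintext.
    plain = (elem.findtext(NS + "PlainText") or "true").strip().lower()
    if plain != "false":
        return "plaintext"
    try:
        raw = base64.b64decode((value.text or "").strip(), validate=True)
        decoded = raw.decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return "unrecognised encoding"
    # An encoding, not encryption: anyone who can read the file can undo it.
    return "base64-encoded (reversible)" if decoded.endswith(tag) else "unrecognised encoding"


def _walk(elem, path, pass_name, comp_name, findings):
    for child in elem:
        tag = child.tag.replace(NS, "")
        here = path + [tag]
        if tag in SECRET_TAGS:
            findings.append((pass_name, comp_name, "/".join(here), _classify(child, tag)))
        else:
            _walk(child, here, pass_name, comp_name, findings)


def audit_unattend(xml_text):
    """Return (pass, component, element path, storage) for each secret found."""
    findings = []
    root = ET.fromstring(xml_text)
    for settings in root.iter(NS + "settings"):
        for comp in settings.iter(NS + "component"):
            _walk(comp, [], settings.get("pass"), comp.get("name"), findings)
    return findings


def _encode(password, tag):
    # Constructed helper that builds sample values for the file below.
    return base64.b64encode((password + tag).encode("utf-16-le")).decode("ascii")


_LOGON = _encode("constructed-password", "Password")
_ADMIN = _encode("constructed-password", "AdministratorPassword")

# Constructed answer file using the same element layout as the one in the post.
SAMPLE = f"""<unattend xmlns="urn:schemas-microsoft-com:unattend"
          xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
  <settings pass="specialize">
    <component name="Microsoft-Windows-Deployment">
      <RunSynchronous>
        <RunSynchronousCommand wcm:action="add">
          <Credentials>
            <Domain>example.local</Domain>
            <Username>svc-deploy</Username>
            <Password>constructed-password</Password>
          </Credentials>
        </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup">
      <AutoLogon>
        <Password><Value>{_LOGON}</Value><PlainText>false</PlainText></Password>
      </AutoLogon>
      <UserAccounts>
        <AdministratorPassword><Value>{_ADMIN}</Value><PlainText>false</PlainText></AdministratorPassword>
      </UserAccounts>
    </component>
  </settings>
</unattend>"""

if __name__ == "__main__":
    for finding in audit_unattend(SAMPLE):
        print(finding)
```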

    Hi,
    Thanks for replying with your input. I'll go over that and make changes. Can you please help me out with the following as I can't figure this out why my script on the network share run and execute during unattend install?
    My script on my network share failed to run during unattend install right before the first login.
    Can someone take a look at my unattend xml file and suggest a solution? I've highlighted the script parameters in bold. I've also attached my error message with this. Please check it out and make some suggestions. Thanks
    <?xml version="1.0" encoding="utf-8"?>
    <unattend xmlns="urn:schemas-microsoft-com:unattend">
        <settings pass="specialize">
            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35"
    language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <ComputerName>WIN-8-DEPL</ComputerName>
                <ProductKey>MHF9N-XY6XB-WVXMC-BTDCT-MKKG7</ProductKey>
                <RegisteredOrganization>Microsoft</RegisteredOrganization>
                <RegisteredOwner>Microsoft</RegisteredOwner>
                <ShowWindowsLive>false</ShowWindowsLive>
                <TimeZone>eastern standard time</TimeZone>
                <CopyProfile>true</CopyProfile>
                <BluetoothTaskbarIconEnabled>false</BluetoothTaskbarIconEnabled>
            </component>
            <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <RunSynchronous>
                    <RunSynchronousCommand wcm:action="add">
                        <Order>1</Order>
                        <Path>net user administrator /active:no</Path>
                        <Description>Enabling Built in Administrator Account</Description>
                        <WillReboot>Never</WillReboot>
                    </RunSynchronousCommand>
                    <RunSynchronousCommand wcm:action="add">
                        <Description>DisableNetworkLocationPrompt</Description>
                        <Order>2</Order>
                        <Path>REG ADD &quot;HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\NetworkList\Signatures\FirstNetwork&quot; /v Category /t REG_DWORD /d 00000000 /f</Path>
                        <WillReboot>Never</WillReboot>
                    </RunSynchronousCommand>
                    <RunSynchronousCommand wcm:action="add">
                        <Path>REG ADD HKLM\System\CurrentControlSet\Services\Tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 0xFF /f</Path>
                        <Order>3</Order>
                        <Description>Diasbling IPV6</Description>
                        <WillReboot>Never</WillReboot>
                    </RunSynchronousCommand>
                    <RunSynchronousCommand wcm:action="add">
                        <Credentials>
                            <Domain>Mikasa.local</Domain>
                            <Password>Ghtwhts2015</Password>
                            <Username>Administrator</Username>
                        </Credentials>
                        <Path>\\WDS-DEP-SERV\E\Distribution\Drivers\setup64.exe /s /v &quot;/qn REBOOT=ReallySuppress&quot; /l C:\Windows\Temp\vmware_tools_install.log</Path>
                        <Order>4</Order>
                        <Description>Vmware Tools Installation</Description>
                        <WillReboot>Always</WillReboot>
                    </RunSynchronousCommand>
                </RunSynchronous>
            </component>
            <component name="Microsoft-Windows-IE-InternetExplorer" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"
    xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <DisableAccelerators>true</DisableAccelerators>
                <DisableFirstRunWizard>true</DisableFirstRunWizard>
                <Home_Page>www.marca.com</Home_Page>
                <BlockPopups>yes</BlockPopups>
            </component>
            <component name="Microsoft-Windows-TerminalServices-LocalSessionManager" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"
    xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <fDenyTSConnections>false</fDenyTSConnections>
            </component>
            <component name="Networking-MPSSVC-Svc" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35"
    language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <FirewallGroups>
                    <FirewallGroup wcm:action="add" wcm:keyValue="Remote Desktop">
                        <Active>true</Active>
                        <Group>Remote Desktop</Group>
                        <Profile>all</Profile>
                    </FirewallGroup>
                </FirewallGroups>
            </component>
            <component name="Microsoft-Windows-TerminalServices-RDP-WinStationExtensions" processorArchitecture="amd64"
    publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <UserAuthentication>0</UserAuthentication>
                <SecurityLayer>1</SecurityLayer>
            </component>
            <component name="Microsoft-Windows-Security-SPP-UX" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <SkipAutoActivation>true</SkipAutoActivation>
            </component>
        </settings>
        <settings pass="oobeSystem">
            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <AutoLogon>
                    <Password>
                        <Value>RwBoAHQAdwBoAHQAcwAyADAAMQA2AFAAYQBzAHMAdwBvAHIAZAA=</Value>
                        <PlainText>false</PlainText>
                    </Password>
                    <Enabled>true</Enabled>
                    <LogonCount>10</LogonCount>
                    <Username>DarkKnight</Username>
                    <Domain></Domain>
                </AutoLogon>
                <OOBE>
                    <HideEULAPage>true</HideEULAPage>
                    <NetworkLocation>Home</NetworkLocation>
                    <ProtectYourPC>1</ProtectYourPC>
                    <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                    <HideWirelessSetupInOOBE>false</HideWirelessSetupInOOBE>
                </OOBE>
                <UserAccounts>
                    <AdministratorPassword>
                        <Value>RwBoAHQAdwBoAHQAcwAyADAAMQA2AEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAcwB3AG8AcgBkAA==</Value>
                        <PlainText>false</PlainText>
                    </AdministratorPassword>
                    <LocalAccounts>
                        <LocalAccount wcm:action="add">
                            <Password>
                                <Value>RwBoAHQAdwBoAHQAcwAyADAAMQA2AFAAYQBzAHMAdwBvAHIAZAA=</Value>
                                <PlainText>false</PlainText>
                            </Password>
                            <Description>Admin User Account</Description>
                            <DisplayName>DarkKnight</DisplayName>
                            <Group>Administrators</Group>
                            <Name>DarkKnight</Name>
                        </LocalAccount>
                    </LocalAccounts>
                </UserAccounts>
                <RegisteredOrganization>Mikasa</RegisteredOrganization>
                <RegisteredOwner>Mikasa</RegisteredOwner>
                <ShowWindowsLive>false</ShowWindowsLive>
                <TimeZone>eastern standard time</TimeZone>
                <FirstLogonCommands>
                    <SynchronousCommand wcm:action="add">
                        <CommandLine>cmd /C start /wait E:\RemoteInstall\Images\Windows8\install\$OEM$\$$\Setup\Scripts\SetupComplete.cmd</CommandLine>
                        <Description>Various Apps Installation</Description>
                        <Order>1</Order>
                        <RequiresUserInput>false</RequiresUserInput>
                    </SynchronousCommand>
                </FirstLogonCommands>
            </component>
            <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <InputLocale>en-US</InputLocale>
                <SystemLocale>en-US</SystemLocale>
                <UILanguage>en-US</UILanguage>
                <UserLocale>en-US</UserLocale>
                <UILanguageFallback></UILanguageFallback>
            </component>
        </settings>
        <settings pass="generalize">
            <component name="Microsoft-Windows-Security-SPP" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35"
    language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <SkipRearm>1</SkipRearm>
            </component>
        </settings>
        <settings pass="offlineServicing">
            <component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <EnableLUA>false</EnableLUA>
            </component>
        </settings>
        <cpi:offlineImage cpi:source="wim:e:/windows-os-images/win8.1x86ent-wimfiles/install.wim#Windows 8.1 Enterprise" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
    </unattend>
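
A point about answer files like the one posted above: a `<PlainText>false</PlainText>` value is only base64 over UTF-16LE text (the password with the element name appended), and a `<Credentials>` block carries its password exactly as written, so anyone who can read the file or the share it sits on holds those credentials. The audit below is an added example, not part of the original post; the sample answer file, its account names and its passwords are constructed, and treating a missing `<PlainText>` element as `true` is an assumption.

```python
import base64
import xml.etree.ElementTree as ET

NS = "{urn:schemas-microsoft-com:unattend}"


def hide(password, element_name):
    """Build a PlainText=false value: base64(UTF-16LE(password + element name))."""
    return base64.b64encode((password + element_name).encode("utf-16-le")).decode("ascii")


# Constructed sample answer file; every name and password in it is made up.
SAMPLE = r"""<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
  <settings pass="specialize">
    <component name="Microsoft-Windows-Deployment">
      <RunSynchronous>
        <RunSynchronousCommand>
          <Credentials>
            <Domain>example.local</Domain>
            <Username>svc-deploy</Username>
            <Password>Constructed-Pass-1</Password>
          </Credentials>
          <Path>\\fileserver\share\setup.exe /s</Path>
        </RunSynchronousCommand>
      </RunSynchronous>
    </component>
  </settings>
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup">
      <AutoLogon>
        <Password><Value>@AUTO@</Value><PlainText>false</PlainText></Password>
        <Enabled>true</Enabled>
        <Username>localadmin</Username>
      </AutoLogon>
      <UserAccounts>
        <AdministratorPassword>
          <Value>@ADMIN@</Value><PlainText>false</PlainText>
        </AdministratorPassword>
      </UserAccounts>
    </component>
  </settings>
</unattend>
"""
SAMPLE = SAMPLE.replace("@AUTO@", hide("Constructed-Pass-2", "Password"))
SAMPLE = SAMPLE.replace("@ADMIN@", hide("Constructed-Pass-3", "AdministratorPassword"))


def decodes_with_suffix(value, element_name):
    """True if the value is plain base64 over UTF-16LE text ending in the element name."""
    try:
        text = base64.b64decode(value.strip(), validate=True).decode("utf-16-le")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return False
    return text.endswith(element_name)


def audit(xml_text):
    """Return sorted (pass, parent/element, finding) tuples; secrets are never returned."""
    findings = []
    root = ET.fromstring(xml_text.encode("utf-8"))
    for settings in root.iter(NS + "settings"):
        # ElementTree has no parent pointers, so build a child -> parent map per pass.
        parent_of = {child: parent for parent in settings.iter() for child in parent}
        for el in settings.iter():
            name = el.tag.split("}", 1)[-1]
            if not name.endswith("Password"):
                continue
            where = parent_of[el].tag.split("}", 1)[-1] + "/" + name
            value = el.findtext(NS + "Value")
            # Assumption: an absent <PlainText> element means the value is plain text.
            plain = (el.findtext(NS + "PlainText") or "true").strip().lower()
            if value is None:
                # <Password>text</Password>, the form used under <Credentials>
                if (el.text or "").strip():
                    findings.append((settings.get("pass"), where, "cleartext"))
            elif plain == "true":
                findings.append((settings.get("pass"), where, "cleartext"))
            elif decodes_with_suffix(value, name):
                findings.append((settings.get("pass"), where, "base64-only"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run it over answer files before they are copied to a deployment share or pasted into a forum; any finding means that account's password should be treated as exposed to everyone who can read the file.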

  • Finder crashes when trying to connect to network share

    Hi!
    I've just upgraded my Mid 2012 MacBook Pro to Mavericks, and found that Finder always crashes when trying to connect to my office network share via an IPSec VPN connection. It's a Synology DiskStation NAS, so I have the options to connect via AFP or SMB, however both result in the same, the crashing of Finder. Even after I relaunch it, I can't open Finder, and can't even shut down or restart my system (only by holding the power button for 5 secs...)
    At first I thought it's the result of the latest Little Snitch version, but the problem remained after completely removing Little Snitch.
    Unfortunately I won't be able to try connecting to the NAS on the local network until Monday, but I'd really appreciate if someone could point me to the direction of some solution as this way I can't do any of my work.

    Just a quick heads up. I finally managed to resolve the issue. It seems that Mavericks doesn't handle the MTU of the VPN connection correctly, so I ended up modifying the MTU on the VPN gateway.

  • How can I add email (via outlook client) to share options of preview app

    How can I add email (via Outlook client) to the share options of the Preview app?

    You can't.  Apple's share button only supports Apple Mail (as specified by launching Apple Mail, choosing preferences and choosing general.).  Maybe Apple will open this up to other apps in future updates.

  • Windows 7 SP1 client file lock on network share hosted by Windows 2012 Server

    Hello
    I have one strange problem after migration from Windows 2003 Server to Windows 2012 Server R2 Standard. 
    All migration tasks went well but two things do not work.
    In Computer Management you have the Opened Files feature, and if you open any file that is located on the network share hosted by Windows 2012 R2 from Windows 7 SP1 and then close it, it remains open in the Opened Files tab (even if you wait an hour).  There is no problem with Windows XP SP3. The issue exists only with Windows 7.
    The session view of sessions to the file server does not work. If I try to open it I get the message that the application is not responding. 
    Can someone help me with that?
    About the environment:
    It is a one-server domain migrated from 2003 to 2012 R2.
    The domain and forest level was raised to 2012 R2.
    I have made clean install of Windows 2012 R2 and then migrated AD. 
    Best Regards
    Sebastian Sala

    Hi Sebastian,
    >>There is no problem with Windows XP SP3. The issue exist only with Windows 7.
    >>The session view of sessions to the file server do not work. If I try to open it I get the message that the application is not responding. 
    Based on the description, please check event logs in Event Viewer to see if there were some related events logged. Besides, does this phenomenon happen on all Windows 7 clients? We can try to restart the client to see if it helps.
    Best regards,
    Frank Shen

  • Network Shares, Mobile Clients, Kerberos and Single Sign On Woes

    Hi anybody,
    I'm sure there is a really simple answer to my network share problems but I just can't seem to get them to work. Does anybody understand OD/Kerberos/SSO?
    I am running 10.4.10 with DNS, AFP and OD.
    My DNS is correctly configured, I can resolve IP into name and back again on server and client machines and it's not using a .local domain.
    My OD is set up as a master with the correct LDAP search base settings, Netinfo is off for some reason but I can't turn it back on even if I wanted to. I have directory binding enabled as well as requiring clients to bind to directory.
    My AFP is set to enable Bonjour registration and Authentication is set to Kerberos.
    My client computers are able to access network accounts and my mobile clients are able to sync their home directories.
    All seems to be working exceptionally well except for access to the shared network folders.
    I am convinced that the network folder is set up correctly as I have RTFM many times and if I play with the access settings such that anybody has read and write permissions, clients are able to access the data.
    However, I want to reach my networking Nirvana where I can control access to the network share depending on group id. This shouldn't be difficult but it does seem unattainable for me .....
    Having done a bit of troubleshooting and more reading, I can see that the clients are trying to access the share as an unauthenticated user ..... which is where it all goes wrong for me.
    I thought that Kerberos SSO would have sorted this out but I don't think the clients are even trying to authenticate with the server as they use the local Netinfo database to log in.
    How do I get clients and mobile clients to do a Kerberised SSO at login?
    Anybody !
    Thanks in advance.

    bump?

  • Add network share on client desktop

    Upon a group of SL clients logging into our SL server, I want them to see a network share, similar to how a group folder shows up on the desktop as a "connected server drive". 
    I can not figure out how to do this.  I can get the group folder to mount automatically, but not a different afp share.

    I should add that I tried the things mentioned at https://discussions.apple.com/thread/2089664?start=0&tstart=0
    and have searched for any information on getting a folder to show up on the desktop of a client.
    No luck yet... can you please offer a suggestion?
    Thank you

  • Creating a symlink directory on a network share to a path below a mapped drive letter, local path, or UNC path does not work

    Am I correct in assuming I can not create a `symlinkd` to a network share, local path, or a UNC path on a network share that will be accessible by clients?
    Mapped drive letters don't work:
    1) navigate to a network share:
    pushd \\windows2008server\share\
    2) make a hardlink:
    mklink /d test_sharedir t:\directory\
    dir .\test_sharedir
    #Directory of Z:\test_sharedir
    #File Not Found
    UNC paths don't work:
    1) navigate to a network share:
    pushd \\windows2008server\share\
    2) make a symlink:
    mklink /d test_dirunc \\windows2008server\share
    dir .\test_dirunc
    #Directory of Z:\test_dirunc
    #File Not Found
    I can create a functional `symlinkd` on a local drive to a mapped drive letter or a UNC path.
    Are my assumptions above correct?
    We are in the middle of a migration and have created two symlinkd to UNC paths for shared DLLs, one below c:\windows\system32\ (directing to a share containing 64-bit DLLs) and one below c:\windows\syswow64 (directing to a share containing 32-bit DLLs).
    On the file server, we have had a path to 32-bit DLLs (from Windows 7 clients: s:\dll\).  I am attempting to rename this directory so that it is accessible via "s:\dll32\" and would like to create a symlinkd that links "s:\dll" to "s:\dll32" [again where S: is a mapped drive on a Windows 2008 server].  How do I do this?
    Thanks,
    Matt

    Hello Mandy,
    The link you sent me is for Netapp CIFS server daemon contained within DataOnTap (the Netapp OS) to follow symlinks.  I am inquiring about the Microsoft products Windows Server and Windows 7.
    To gain a better understanding of the Microsoft Windows Server and client (Windows) CIFS stacks and interaction of the stacks, I have referred to Figure 6 "Server Message Block Server Model" within the following (albeit older) document: http://download.microsoft.com/download/2/8/0/2800a518-7ac6-4aac-bd85-74d2c52e1ec6/tuning.doc
    You will see the following:
    I assume that the Windows Server CIFS server service must be "smart enough" to determine that a CIFS client is attempting access to a SYMLINKD and actually fill the request by following the SYMLINKD.  The CIFS server service does not appear to operate like this.
    1) Am I correct in my assumption that the CIFS client (redirector) and the CIFS server (server) do not follow symbolic links (whether they be file or directory)?
    2) If not, how do I submit a feature request for this so that it can be reviewed and approved or not approved for inclusion/hotfix release?
    Thanks for your time,
    Matt Brown
    [UPDATE]
    Note that you can use a `directory junction` instead of using a SYMLINKD, to link to LOCAL resources (source). However, `directory junctions` do not allow access to resources over UNC.

  • Access Denied when trying to open a file that is encrypted on network share with EFS

    I just recently enabled EFS on the default domain policy and created a new network share, encrypted a file and added myself to that file and tried to open the file from my workstation.  I then receive an error "Access denied", I also tried to create a file and encrypt it on that same share and get an error "The requested operation cannot be completed.  The computer must be trusted for delegation and the current user account must be configured to allow delegation."  
    My steps.
    1. Enable group policy for EFS, removed the expired certificate that was already there and Created a new Data recovery agent.
    2. Created a network share, created a test file, enabled encryption on the file 
    3. certmgr.msc, personal and requested a new certificate, Basic EFS
    4. On the network share and properties of file, advanced, details and added the user
    5. From the workstation tried to access the file, Access Denied.  I can create any file I want, I just can't add attributes to encrypt the file or open an encrypted file
    Now if I go to the server where the CA is located which is also the AD server and create share and run the same process it works as expected.  I'm guessing I have to export the cert from the CA server as a pfx and import that to both the server that has the network share and the workstation but that still doesn't seem to work.  Maybe I don't understand how EFS works and this is not possible?  Any suggestions would be appreciated.

    You are correct in not understanding how EFS works.
    When you connect to an encrypted file via a network share, the encryption/decryption takes place *on* the server. To enable over the network access, the server's computer account must be trusted for delegation.
    The server actually impersonates the user and creates a user profile on the server (containing the defined EFS certificate and private key). The important thing to remember is that the file is transmitted in clear text from the server to the client.
    See http://blogs.technet.com/b/instan/archive/2010/08/11/remote-efs-decryption-and-trusted-for-delegation-requirements.aspx
    Brian

  • How to get "fast user switching" and network shares playing nice

    I've been alternating between banging my head against a wall and reading every forum I could find to try and get a reasonable compromise between using "Fast user switching" and sharing a folder from a file server.  It baffles me how the network share/mount model of OSX/AFP is completely killed by fast-user-switching; this is a big problem with Apple requiring users to be actively logged in to share music/video from iTunes which therefore essentially requires fast-user-switching if anyone else wants to use the computer.  (anyone find it odd that you can share files without being logged in, but sharing songs requires an active login for each user who is sharing?  Apple: time to make iTunes sharing a service!)
    For the sake of example, let's just say I want to share my /Groups folder from my desktop and have it be accessible to my laptop.  Here are all the things that I tried:
    Apple Method 1) Share /Groups in the Server.app on the desktop (running Lion Server), use Finder on the laptop and drag the share icon to "Login Items", or alternatively use a startup AppleScript using "mount volume".  Both of the options work and will mount the /Groups folder under /Volumes/Groups; of course, when the second person logs in via fast-user-switching (and occasionally the first person for no apparent reason), they will get /Volumes/Groups-1 since /Volumes/Groups is already taken.  Tomorrow we log in in a different order and now the previously /Volumes/Groups-1 user has their mount at /Volumes/Group and vice versa.  Any links, aliases, Finder sidebar references, and application settings which pointed to yesterday's location are now BROKEN.  Not very user friendly to my mother-in-law who is trying to find those pictures of the kids and doesn't know anything about mount points. I also can't reasonably mirror the file location structure on the desktop so that application preferences that are synced between the two (portable home directories) work.  Fail.
    Apple Method 2) Use automounter and set up by hand direct maps for /Groups or an indirect maps for the children of /Groups.  Now it will automatically get mounted to /network/servers/SERVER/Groups/ on the laptop and on the desktop it will automatically create a similar symlink structure so that the same path (/network/servers/SERVER/Groups) work both on desktop and laptop.  Cool.  Except when the second person logs in, the /network/servers/SERVER/Groups/ mountpoint is already owned by the first user and they don't have any permissions to access it.  Fail.
    Apple Method 3) Use mount_afs and specify directly the mount-points.  Have each user have their own startup AppleScript which mounts /Groups to a different location (e.g. /Users/Shared/username/Groups); that way they don't conflict with multiple users.  On the desktop, set up symlinks from /Users/Shared/username/Group to /Groups so that it will be the same as the client and applications settings will work when synchronized back/forth by portable-home-directories.  Will it work? Yes, it does, but what a bear to maintain.  Is this really what I should expect to do just to have multiple users on my desktop and laptop (which again is essentially required now if I want to do any type of iTunes sharing)?  This can't be what Apple expects.
    What I ended up doing - the "not quite apple" solution.
    Non-Apple Method 4) After a read of "Autofs: Automatically Mounting Network File Shares in Mac OS X" (http://images.apple.com/business/docs/Autofs.pdf) at the very end there is a single paragraph  of "Kerberized NFS": "A Kerberized NFS mount can have multiple connections from multiple users, each using the correct user’s credentials for each transaction. This allows administrators to support multiple users, each authenticated with their own credentials to the same mount point. This is very different from AFP and SMB mounts," (emphasis mine)
    It appears that by using good 'ole NFS (albeit with Kerberos for security!) you can actually have multiple users on the same mount point, roughly following the guidance at https://support.apple.com/kb/TA24986?viewlocale=en_US.  What I needed to do was:
    1) create /etc/exports on my desktop and add a single line "/Groups -sec=krb5".  The existence of /etc/exports triggered a start of nfsd which no longer has any GUI options in Lion.
    2) Add a line to /etc/auto_master on my laptop "/-  auto_mymounts" to reference a new direct map.
    3) Create /etc/auto_mymounts and add a single line "/Groups         SERVER:/Groups" to create the direct map.
    THAT'S IT.  Three lines in three files.
    Now when I log into my laptop, there is a /Groups that is a network mount of my desktop's /Groups, same location AND it works for all of my users, even simultaneously. 
    In the end I'm happy with what I've got, but man was this a difficult path just to support fast-user-switching.  In Lion, Apple appears to be getting away from NFS (no longer turned on by default and removed from the GUI controls) but clearly this is really useful functionality which doesn't exist in AFP. 
    I'm really curious, after all this work.  Any other ways to accomplish this?

    In my example above, yes I chose to mount the share "Groups" to the top of the root since that is where I put it on my server and I wanted to keep them similar; but that was just my preference, it isn't a requirement.  You can export and mount from other directories.

  • Can you use a network share as location for users' home

    I am running a Mac mini with Mountain Lion and Server.app as a home server. For added storage space I have a NAS. I would like to set up the open directory network users' home share on the NAS. Is that even possible?
    I am able to mount the network share on the mini using either afp or nfs, and I can also add the NAS share as a home folder enabled share in the server.app and select that as location for a users home folder, but that only results in the user not being able to log on to his account. Is there something that I am missing or is what I am trying to accomplish simply not possible?

    It used to be officially supported to use NFS for clients to access their network home directories but with Lion (and Mountain Lion) this was no longer officially supported.
    Therefore the need as I mentioned to 're-share' the volume via AFP. As you implied this does unfortunately impose an additional network overhead as traffic has to go as follows.
    client ----> AFP ----> Server -----> NFS -----> NAS
    What you could consider to help at least a little bit is to connect the server to the NAS on a totally separate network to the network the server uses to talk to the clients on. The main network would be between the server and clients, and you would use a second Ethernet connection just to link the NAS and the server. As the clients will not need to talk directly to the NAS this will not be a problem. This would at least mean that each network only gets one set of traffic, either AFP or NFS but not both, and means the server can use both at full speed at the same time.
    The Mac Pro still has two built-in 1Gbps Ethernet ports but you can also get either a USB3 Ethernet adaptor or a Thunderbolt to Ethernet adaptor (I have used one of these on a Mac mini server).
    If you did not already have the NAS then people starting from new would be better off either getting a Thunderbolt RAID which can be directly attached to the Mac server, or at the higher-end go the traditional route of setting up a SAN and using an FDDI connection.
    Note: You can now get Thunderbolt to FDDI interfaces.
