Lion Server 10.7.3 file sharing permissions

I'm having really strange issues with Lion Server. Since upgrading to 10.7.3 I no longer have permissions to modify files on Share Points that I was once able to in 10.7.2. When I go to modify certain files or folders I get "The operation can’t be completed because you don’t have permission to modify some items."

Background
Access Control Lists (ACLs) are applied to folders and files to define user (and group) access privileges.
I have set up two Mac mini Servers at our company – one in our Melbourne office and one in our Sydney office. Each file server is made up of the following hardware:
1x Mac mini Server (with Lion Server).
2x Promise Pegasus 12TB (6x2TB) R6 RAID System (Thunderbolt) in RAID5 configuration. The two Pegasus units are mirrored (RAID1) using SoftRAID.
Users and Groups are replicated between the two servers via Open Directory.
The PeachPit book "OS X Lion Server Essentials" is the best book I've found that explains OS X Server services and configuration. It has a good explanation of POSIX and ACLs.
The Problem
It seems there is a bug in Lion Server that causes ACLs to be ignored. A couple of times I've managed to fix the problem using these steps:
   1. Remove the share-point.
   2. Set up the share-point. /Volumes/promiseraid/work
   3. Apply an ACL to a folder.
   5. Propagate the ACL to sub-folders.
When ACLs are not applied to a folder the older POSIX permissions define access privileges. With the POSIX mechanism the user, group and other access privileges applied to new files and folders are defined in the 'umask' value. The default 'umask' value sets file/folder group to read-only access. The upshot is when the POSIX mechanism is used and a member of staff creates a file or folder it is read-only to colleagues. System Administrators shouldn't need to change the 'umask' value – too technical. Apple documentation encourages System Administrators to use ACLs to define access privileges – use ACLs to overcome the limitations of POSIX.
The workarounds I've been considering
Stick with Lion Server, apply POSIX read&write (group and others) permissions to all folders at regular intervals (daily) and wait for Mac Apple to fix the problem.
Abandon Lion Server (10.7) and revert to Snow Leopard Server (10.6).
Abandon Lion Server (10.7) and setup a Microsoft Windows Server solution.
A solution?
Scanning the several threads here I think I discovered a "fix". Mac OS Lion doesn't seem to honour ACLs if
a volume is being shared (AFP and/or SMB), or
a folder at the root level of the volume is being shared (AFP and/or SMB).
However, if the folder being shared is at least one folder deep ACLs seem to be honoured!
    !!! This did not work – ACLs are not honoured !!!!!
    /Volumes/promiseraid
    /Volumes/promiseraid
    /Volumes/promiseraid
    !!! This did not work – ACLs are not honoured !!!!!
    /Volumes/promiseraid/share1
    /Volumes/promiseraid/share2
    /Volumes/promiseraid/share3
    !!! This works – ACLs are honoured !!!!!
    /Volumes/promiseraid/shareditems/share1
    /Volumes/promiseraid/shareditems/share2
    /Volumes/promiseraid/shareditems/share3
Acknowledgement
I should acknowledge gmbion for his time troubleshooting this and reporting his findings to this thread.
A response from Apple
It would be good if Apple could address this limitation with either:
A note from Apple acknowledging this limitation ("undocumented feature") with advice to not share a volume or a folder at the root level of a volume. Instead, share a folder at least one level deep; or
Fix Lion Server so that any volume or folder can be shared and ACLs will be honoured.
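
An added example, not part of the original post: it shows the POSIX fallback described above, where a default umask (assumed here to be 022) leaves new items read-only for the group, and audits a share for the side effect of the "read&write for group and others" workaround. The folder and file names are constructed, and only POSIX mode bits are inspected; ACL entries (as listed by `ls -le`) are not visible through them.

```python
import os
import stat
import tempfile


def create_with_umask(root, umask):
    """Create a folder and a file under root while `umask` is in effect.

    Returns (folder_mode, file_mode), permission bits only.
    """
    previous = os.umask(umask)
    try:
        folder = os.path.join(root, "job_%03o" % umask)  # constructed name
        os.mkdir(folder, 0o777)       # what most applications request
        path = os.path.join(folder, "artwork.txt")
        fd = os.open(path, os.O_CREAT | os.O_WRONLY, 0o666)
        os.close(fd)
    finally:
        os.umask(previous)            # never leave the process umask changed
    return (os.stat(folder).st_mode & 0o777, os.stat(path).st_mode & 0o777)


def audit_share(root):
    """Walk a share and report items by POSIX mode bits.

    group_read_only: colleagues in the group cannot modify the item.
    world_writable:  any local or guest account can modify the item.
    Paths are returned relative to root.
    """
    findings = {"group_read_only": [], "world_writable": []}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in sorted(dirnames + filenames):
            full = os.path.join(dirpath, name)
            mode = os.lstat(full).st_mode
            if stat.S_ISLNK(mode):
                continue              # symlink modes are not meaningful
            rel = os.path.relpath(full, root)
            if not mode & stat.S_IWGRP:
                findings["group_read_only"].append(rel)
            if mode & stat.S_IWOTH:
                findings["world_writable"].append(rel)
    return findings


def demo():
    """Build a throwaway share and return (default, relaxed, report)."""
    with tempfile.TemporaryDirectory() as share:
        default = create_with_umask(share, 0o022)   # assumed default umask
        relaxed = create_with_umask(share, 0o002)   # group-writable umask
        # Simulate the workaround applied to one folder only: it becomes
        # writable by everyone, while the file inside is still read-only
        # to the group because nothing is inherited.
        os.chmod(os.path.join(share, "job_022"), 0o777)
        report = audit_share(share)
    return default, relaxed, report


if __name__ == "__main__":
    default, relaxed, report = demo()
    print("umask 022 -> folder %o, file %o" % default)
    print("umask 002 -> folder %o, file %o" % relaxed)
    print(report)
```

Run against a real share path with `audit_share("/path/to/share")`; any `world_writable` entry is an item that accounts outside the intended group can change.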

Similar Messages

  • How do I set up file sharing in Lion Server to work like file sharing in Lion Client?

    I've just installed Lion Server on my home iMac to enable remote access via VPN to my home network.
    When the iMac was running Lion Client (before the upgrade to server), and when File Sharing was enabled on the iMac; when other Macs on the LAN connected to the iMac via AFP, they were always able to connect to (share) any mounted external volumes (external USB or FireWire drives connected to the iMac). e.g.
    Now that I've upgraded to Lion Server, when other Macs on the LAN connected to the iMac via AFP they are only able to connect to (share) the sharepoints listed in the File Sharing pane of Server.app. e.g.
    Is there any way to set up File Sharing in Lion Server so that it works the same way as it does in Lion Client with respect to mounted external volumes? i.e. they are automatically shared? I know I can add each volume manually to File Sharing in Server.app but this gets tedious.
    Many thanks!

    I normally have a Firewall enabled. I recently had to do an erase and install of Lion, followed by a one-by-one re-install of all of my software. One of the first things I did was to set up all of my System Preferences the way I like them; Turning the Firewall on was one of them. Later I noticed it was off and turned it on again. I had already set up sharing and was surprised to see the problem when I turned it back on.
    As to why do I think it needs to be on. It is another part of my security layer.

  • Problem with File Sharing-Permissions throughout Folders

    I'm having an odd problem when setting up a Mac Pro with File Sharing. I have a second Hard Drive in it which is a Server Drive to be shared as a networked Hard Drive for both my MBP and my Fiancee's MBP. Here is the problem I have.
    I set up File Sharing and set up both her ID and my ID. Since this is done she is able to get to drive from my MBP and she is able to get to the drive from her MBP. I am able to read or write to those folders. She is able to view them but is unable to write to them.
    I went to the Server Drive icon on the Mac Pro's Desktop. When I right click and do "Get Info" and select Sharing I can tell her ID is not listed on any of the Folders. She is listed as Read and Write for the entire Hard Drive (which is an internal drive). I am also listed as Read and Write and then it lists Everyone and says No Access. The same is listed in System Preferences in File Sharing. I have heard this Everyone 'No Access' can cause problems but I prefer not to give access to everyone. The only other option is Read Only and Read and Write. Also, when I have Everyone selected the - sign is greyed out so I'm unable to remove Everyone.
    To continue, what is strange is I thought with it saying on the Server Drive itself for my Fiancee, read & write, that it would say this on every Folder inside. Yet when I select any Folder inside on the Server Drive and select Get Info it says for me "Read & Write" and for Staff "Read Only" and for Everyone "Read only" I'm not even sure where Staff comes from and of course Everyone is Read Only and my Fiancee not even listed. It just seems that these file sharing permissions are not replicated throughout all the Folders when I select it for the Hard Drive itself. What could be causing this and how can I get the same to go throughout the Folders? I know manually I could change them all but this would take a long time and likely still be a problem when any additional Folders are added.

    1. I have turned logged into it from my MBP while at Home and if I'm logged in as Guest I only see the Server Drive which is good. My concern is that if I log in with my login I then see all Folders including the Main 'Macintosh HD' At least as a guest I can only see the Server Drive but is it any way I can stop it from showing all the other folders on the computer since I have no reason to do that?
    When you login to a mac as an administrator it is normal to see all the contents of the volumes connected to that mac.
    2. Also, I would like to disable all access for Guest. Yet I have it list Everyone or Guest in the file sharing and I have no way of deleting this. I don't want a Guest to be able to connect to this computer or share any files at all on it. Is there any way to disable this?
    Go to System Preferences-->Accounts
    Click on the lock and enter your password to unlock the preference pane.
    Then select the guest account. Then uncheck the 2 check boxes. The account should now have 'disabled' underneath it.
    3. Security: How secure is this? I am using it on a Home Wi-Fi network with an Airport Base Station 1GB. I have the Leopard firewall set to "Set Access for Specific Services" since it won't work with "Allow only essential services" I hope my home network is more secure but with Back to my Mac how hard would it be for someone to be able to find this computer on the network? I don't do any filesharing on my MBP but do have it set up for File Sharing but only with my login ID.
    If you have your base station set to distribute ip addresses then it is acting as a NAT router and will firewall you.
    I have not setup back to my mac yet so can't comment on its security. Although I would suggest a strong password.
    have a read of Mac OS X 10.5: About Back to My Mac security
    My method of remote access is to use SSH and run screen sharing over an SSH tunnel.

  • Is FTP server better than common file sharing

    What is better: FTP server or common file sharing on server?
    I need to convince the management that FTP server is better than file sharing on server but I need some strong security points.

    I agree on DropBox.
    In DropBox, Favorite (Star) the files (documents, MP3...) when you are on-line.  They will be available when you are off-line. Test access to your files in Airplane mode before you leave home.
    To bring the document into an app (e.g., Pages), use 'Open In..'..  the MP3, you can just tap in DropBox. 
    There are solutions to get files back from different apps to DropBox, but honestly it is probably just easiest to email it to yourself (and then use your Mac to copy the final file back to DropBox for reference purposes).
    Have a good vacation.

  • Lion Server and 3DS Max files

    Hi,
    We have just gone from using an Xserve running 10.4.11 with an attached Xraid, to a Mac Mini Server running 10.7.3 and an attached Promise Pegasus R6 12TB Thunderbolt raid.
    Everything is fine except one thing. The PC users running a mixture of Windows XP and Windows 7 can no longer open their 3DS Max (.max) files. I have had a search around and it seems that other people have encountered the same problem, but as far as I can make out no one has found a solution. They just get a File Open Failed message.
    If anybody has come across and resolved this problem or could offer any suggestions it would be much appreciated.
    Thanks in advance.

    Apple should be brought up on UI crimes for the mess that is permissions in Lion.  It is easy once you understand what they are doing and where the tools are hidden.
    So first, ignore the File Sharing tab as it is useless and feature poor.  Instead, do this:
    1:  Launch Server.app
    2:  Select your server under the Hardware section in the left column.
    3:  Click on the Storage tab
    4:  Drill down to find the parent folder of your share point
    5:  Use the Gear popup menu to access the Edit and propagate features
    This shows an example.  When you choose the Edit Permissions... option, you will see a window like the following:
    The three entries are the POSIX permissions.  They represent UNIX Owner (root), Group (Wheel), and Everyone (Other).  This is an EXAMPLE Folder.  Yours will be different.  These permissions do not inherit!  If you change the group from Wheel to staff, it will mean nothing in relation to the permissions.  You must ADD another entry to the table.  The new entry is an Access Control Entry and establishes an ACL (access control list).  The ACL will inherit if defined as such. 
    So in this example, say you have a folder owned by the local admin and by the admin group.  Press the + button and then set that group to your departmental group.  Then set permissions to Read/Write.  Press OK.  This will return you to the main window.  Click on the Gear button again and choose propagate permissions to cascade the new permission set through all existing files.
    You should disconnect clients and then reestablish a new sharing session to ensure you are seeing the proper permissions model.
    Apple should be ashamed at the poor job of showing the difference between POSIX and ACLs.  This is really a step backward as compared to older versions of server.

  • File Sharing permissions

    I have 2 iBooks in the same office. They are set for file sharing. I have trouble moving files from one computer to the other. Always get the message that I don't have the proper permissions. How does one resolve this problem - so that all files can be easily moved from one computer to the other?
    Thanks
    Charles

    Not sure what folders you're trying to copy/move from/to.
    Go get SharePoints from http://www.hornware.com
    Install on both macs.
    Configure shared folders & permissions using this fine utility.
    (sharepoints app manages the samba server files that regulate sharing permissions. It's a GUI view into the smb.conf setup)

  • File sharing permissions for AD Domain Admins?

    I've bound Mavericks to a Windows network with Active Directory, turned on File Sharing under System Preferences > Sharing, and added the Domain Admins group; how can I configure permissions so that the Domain Admins can read and write to and from all files and folders on the MAC HD without affecting other user's permissions?
    If I "apply to enclosed items..." the Domain Admins' Read & Write permissions from the root volume then Everyone (gets unintentionally propagated) can access all files!
    Ideally, the Domain Admins need the same permissions as the root administrator even after a new user has logged onto the MAC and had their Home Folders created in the future; In other words I need them to be able to access files and folders for all accounts past, present and future, but all other user's access must stay the same. Does that make sense?
    Is this even possible with AD binding? Would having a MAC OSX Server/Open Directory facilitate this better?
    Any help would be much appreciated!

    I tried adding the Domain Admins to the wheel group, but that never helped either. Also the "apply to enclose items" only seems to work for the entire share (left side)--not individual users or groups (right side).

  • OS X File Sharing permissions

    I have set up a small office network over a WLAN, in which I have computers H2 & H3, which are Mac Minis (late 2012, i5 dual core, 4GB RAM), and two MacBook Pros (late 2008 and late 2010). I am using H3 to store the project folders and have given permissions to various sharing-only users  (A, B, C) I created on H3 System Preferences as read only or read and write according to the projects they are working on. This all seemed to work ok, but strange things started to happen:
    1.  If A is using H2 (or a MBP) and logs in to a project folder on H3 to which he has read and write permissions, and creates a new sub-folder within this, often (but not always) the owner of the folder sitting at H3 cannot see the contents of the new sub-folder. The folder icon shows up with a small red circle with a white dash through it, and says that I do not have permissions to view that sub-folder.
    2. For a user at H3 to delete the folder created remotely by A (either from H2 or one of the MacBook Pros) an admin password is required. Why should this happen? H3 is the owner of the folder, and as it lives locally on his drive surely he should be able to do this? It seems to require going into System Preferences>File Sharing, right clicking the folder in questions, and selecting "Apply Permission to Enclosed Items" after which it's possible to delete the folder. However this is a pain to keep doing every time one wants to delete a folder.
    3. Once a user is logged in sometimes it is not possible for him to disconnect
    Please advise as I am trying to work in an organised way using File Sharing but keep getting stumped.
    Spent nearly 2 hours on phone with Apple Support, who first advised software update to 10.9.5, and when this still didn't resolve the issue they seem to be stumped too!

    By default, Mac uses POSIX permissions which do not inherit to the sub folders and you are forced to do the apply permissions to apply the permissions on the top level folders to the items created below.  You need to set ACL permissions on the folder for the files to pull the inherited permissions.  This is easily done with Mac Server, however it sounds like you are not using the server app so you will need to use the chmod commands in terminal in order to set the ACL permissions.  If you Google something like "set acl permissions mac os 10.9," there are a number of articles with different ways you can set them and get them working the way you are looking for.

  • Got Connect to Server to work again, file sharing 4.9 to 10.1.5!!!

    Folks:
    Have a number of unanswered questions lost on this forum, and been following as many of the threads pertaining to file sharing as possible--and finally pieced some of the suggestions, mostly from BDAqua, together and got the two units to connect. Before this I got "Log In Failed" or "Connection failed" error windows. Haven't had time to actually move files, but I did open some JPEG's from the 10.1 computer in the 10.4.9 . . . what got it working doesn't totally make sense--but it worked.
    When I first posted my issue after erase & upgrade from 3.9 to 4.9 BD asked me if I had another User in account to do some testing with--and I said yes, but what will that do? And he said, ah, you could test things . . . wasn't real encouraging--I think I logged into one new account and tried to connect and it FAILed. Went on to the "roll the AppFileServer kext back to 4.8 version--didn't work. Kept whining--eventually everybody stopped replying. Then I saw another comment by BDAqua answering someone about some issue with having the same user name when trying to use File sharing; that was awhile back.
    Today--put those ideas together and logged both computers into the other user and then used Connect to Server, entering IP address--got the Log In window--put password in and--IT CONNECTED, but only to a "Drop Box" folder that I didn't have "privileges" to open. Following another thread's idea I changed both of those accounts to "allow user to administer computer" in Accounts. In Tiger I had to log back into the main account to do that--and then I tried to connect, and that time it worked. The most important thing is having another user name to enter--and then I could get access to the HD of either computer. Still some things to work on--going from the iBook to the iMac I can open all files, going from the iMac back to the iBook I can mount the HD, but some of the original files in my Home folder have red minus's and can't be opened. What was odd is that both of my other user accounts have the same name/password, but I could connect; but couldn't with the main accounts--having the same name/password. When I changed those extra accounts into admin also and then logged back into main accounts--I connected by using the name/password of the OTHER account in the second computer.
    The Key is as BD "recalled seeing somewhere" that the User name should be different, so you can use another account on that computer. In Panther it didn't matter if both computers had the same name--in Tiger apparently it does. Hope this helps--took me a lot of messing/time to bring all the details together--1.5 months. A head's up from Apple might have been--nice???
    eep
    iBook G4, 14, 933 MHz,   Mac OS X (10.4.9)   iMac G4, 15, 800MHz, (10.1.5)

    Rick/BDAq:
    Verbosity doesn't really begin to cover it--that was the short version of the process. 1.5 months ago had 15 posts--100 posts later a solution was developed. Don't know if rolling back the kext to 4.8 is needed--won't get a chance to try doing a full install of 4.9 + Security update on my Ext HD to test what is really necessary. Or whether it is necessary to make the New Account an administrator or not; when they connected it was so surprising and so simple. I'd like to find the thread where it shows how to change the original User Name for the admin/computer & see if that is all that is needed. Like all creative people I named my units after me, my name. Now I'd like to change one to be "Johnny" or I'll name it "Tiger" after all the fiddling it's taken to find such a simple solution--I've grown attached to my OS. : - 0
    Haven't had the chance to check the link to Hornware--thanks Rick, but Firefox couldn't find the server. BD--thanks for being there, buddy.
    eep

  • File Sharing permissions not saving on second drive

    Hello,
    In my Mac Pro running 10.5.6 I have a second drive that I recently installed. This drive has two folders in it that I wish to share. So I did the following steps:
    System Preferences > Sharing > File Sharing (SMB Sharing is being used as well as AFP)
    I then clicked the Shared Folders + and added folder1
    The following users were automatically added
    MyAccount Read and Write
    MyAccount Read and Write
    Everyone Read and Write
    Whenever I edit these permissions or attempt to add another user everything seems to have gone fine, but when I close System Preferences and reload it I get the following
    folder1 is still shared
    and the permissions are still the same as above.
    I've looked at editing the smb.conf file in /etc/smb.conf but I don't want to do that unless necessary. Also it doesn't appear that any of the other settings are saved here. Any information would be appreciated.
    Thanks

    This was due to the disk being a DOS-format

  • Lion will not allow AFP file sharing

    After upgrading my iMac to Lion, I tried to turn on File Sharing, but it would not allow it - I'd check the box, it would refuse the check.  I had to go in to Options and check SMB Sharing to get File Sharing to work.  However, I'd like to use AFP file sharing, not SMB.  I still cannot turn on AFP sharing - I check the box, it unchecks itself in 1/2 a second.
    My Macbook Pro was upgraded a couple months ago, and it does not have this issue.  What am I missing? 

    I had this same problem so I opened the console application and viewed all messages.  Then I tried to check the File Sharing checkbox and noticed that two new entries showed up.
    3/31/12 9:21:05.415 PM com.apple.coreservicesd: launch_msg(): Socket is not connected
    3/31/12 9:21:05.645 PM com.apple.coreservicesd: bind(): Address already in use
    Each time I tried to check the checkbox, I received the same messages.  I could have done more detective work but Address already in use may be some kind of memory leak issue or something so I simply rebooted my Mac Pro and then I was able to check the box and it stuck this time.  Also, I was able to share my file like I intended.

  • OS X Server not saving my File Sharing settings

    Hi there,
    Hoping there is someone out there who can help as there are a few head scratching issues going on!
    Basically the main issue I am getting is to do with File Sharing in OSX Server.
    I have two raid servers set up with a mac mini server acting as the link to the main network. I use GlobalSan Xtarget to mount the Raids.
    I have set up OSX Server primarily so that I can use the VPN function on the Mac Mini, otherwise it is a very simple set up. However, when I attempt to change the settings of my second raid, (As Displayed) clicking ok doesn't save the settings or in fact close the window, it just does nothing, with no warning errors as to the reason why. What I am trying to do is remove allow guest users access to this share.
    Now you're probably thinking why don't I just remove the opportunity for a guest to log into the server, while yes this will work, it's just that I am getting other issues that I am wondering is linked to what is happening In OSX Server.
    For instance, I have a Capture One Catalog archive which is supposed to link to a selected folder on my raids. One is for my commercial work, and one for personal. I have a raid for Commercial Work which works completely fine (All the images display and import into the catalog), and a raid for Personal Work (The raid with the file share issues in Server). When attempting to import the images from the Personal Raid, it doesn't recognise them, it knows they are there, but it doesn't recognise it as an image file. However, you can view them fine in Finder.
    I thought it was maybe a Sharing and Permissions issue, so I matched the settings from the Commercial Raid with no success. So I am wondering if it is to do with this issue I am having In OSX Server.
    To add to these points, I am also getting an Unknown User showing in the User list for the Commercial Raid, not that it seems to be causing a problem, but it is another thing that's happened since migrating the server from 10.8 to 10.9.
    Any help will be greatly appreciated!
    Thanks in advance.
    Aaron

    Ok so I've solved the Capture One Issue, it was due to the / in the Personal/Moving name of the Raid, so that is all fine.
    But if anyone does know why server won't save the File Sharing issues, and the issues with the Unknown User, it will still be a great help!
    Many thanks,
    Aaron

  • File Sharing Permissions Issue

    We are using file sharing between macs in an art department, where we are sharing out one folder that contains many sub folders that contain art divided by customer name and job/art numbers. Whenever an artist makes a new folder (or copies a "Template" folder) into the shared working folder I have to then go to that artist's machine and tell the Mac to copy permissions to all enclosed folders in order for another user to access the files contained within the new folders.
    Is there a way to make all enclosed folders in the shared folder inherit permissions? We have 15 artists sharing files, so fixing sharing permissions several times a day is getting old.

    You can put a name of a group instead of a specific user name in the command. For example you can put "staff" in there which is a group that contains all users with accounts on the machine. Or you can just put "everyone" instead of "username" and that will work for all users including guest users. You can also make a group in System Preferences->Accounts, add the users you want to that group and use the name of that group in the command.

  • Lion server shows up in Finder "Shared" section but won't connect

    My Lion server iMac shows up both on my home LAN and from work in the Finder Shared section.
    Other Shared servers show up (just Lion not Lion Server) and work fine, as usual.
    When clicking on the Lion server icon the Finder tries to connect and then is unable (no password entered).  Connect As doesn't do anything.  Also, removed the original entry in Keychain so there's no password ever requested nor given, just fails.
    Any ideas ?

    Well, after much fumbling, I checked out ifelix' site again, and the trick was to select "shared" instead of "open" in Authentication Mode on the PC. I am not sure what the setup on my PC is now, but it works, and that's the main thing
    mini dual core Mac OS X (10.4)

  • Server Time Machine vs File Sharing TM

    For a couple of years I have used file sharing on my Mac Mini to provide Time Machine backup space for the Mac Books in my collection. This has worked well, with multiple hard drives and partitions providing redundant backup space (every Mac has at least two concurrent Time Machine backups, each in different hard drives attached to the MM). I have been examining OS X Server, and am wondering what benefit Server Time Machine service offers over my current arrangement. I can see no functional difference. Is there any?

    Functionally, I don't believe so. If you're able to back up and restore your Macs over your LAN using File Sharing then the Time Machine Service in OS X Server won't do you any good.
    I use OS X Server and the Time Machine Service for back ups/restore. I know I can restore any Mac client as long as the server (Mac Mini) is up and running. I simply select the network back up while in the Recovery HD of the client, log into it and select the date I want to restore. I don't know how File Sharing works if you have to restore one of your Macs from the Recovery HD.
