Need insight for setting up permissions for sharing an external hd via OS X 10.6?

Hello intelligent lifeforms,
My supervisor and friend passed away a little over a year ago, and I am now trying to fill his shoes as the networking guru and could use some assistance.  I'm trying to share an external hard drive that is connected to my Mac Pro OS X 10.6 workstation with a Mac Pro OS X 10.4 workstation user.  I've tried setting up a Sharing Only account in my System Preferences-Accounts for the 10.4 user, and under System Preference-Sharing I turned File Sharing: On, added the Shared Folder, added the User and set priveleges as "Read Only."  My intentions are for the 10.4 user to only be able to copy files from the external hard drive so as to protect the archived files being stored there from being tampered with.  However, there is a User group listed as "Everyone" that I can't remove and believe it is taking precedence over the 10.4 account that I setup.  I do not know where this Everyone group originated from but believe it to be some kind of default group and a major obstacle.
When the 10.4 user copies a folder from the external hd to his workstation and later copies it to a volume on our Xserve OS X 10.2 the folder shows that I do not have privileges to do anything to the folder (there is a red circle with a minus sign in it on the folder icon).  Eventually, I am to backup these files to the external hd where lies my dilemma.
The volume on the Xserve being copied to is setup under Workgroup Manger-Sharing-Share Points-General:  "Share this item and its contents" IS checked, Owner: admin-Read & Write, Group: staff-Read & Write (where said user has been added to the staff group), Everyone: none (I do not think the Everyone group listed on the server has anything to do with the Everyone group on my machine?), Enable disk quotas on this volume is NOT checked.
My tests show that the permissions are being carried over from the external hd Everyone group (Read Only) because even when the 10.4 user's permissions are set to Read & Write in System Preferences-Sharing-File Sharing-Users the folder still shows to be Read Only when it's copied.  I've even tried setting his Desktop privileges to Read & Write hoping that when he copies the folder the permissions would be overwritten.  Unfortunately, the only way to give me priveleges is for the 10.4 user to change them manually through Get Info from his workstation.  This is counterproductive to the workflow I'm trying to establish.  I've tried wrapping my brain around the flowchart of coordinating permissions/privileges between the different machines but to no success.
Also, a note to add is I've observed a User: Firebird Database that is listed under System Preferences-Sharing on both of our workstations.  It cannot be removed either and I do not know where it is originating from.
Is there anyone out there that has any insight to this situation?
Perplexed,
carl_prepress

"Everyone" is not a Group.
Every file has underlying Access settings for System, Owner, Group, and World.
Access settings for Everyone mean everyone-else that is not explicitly mentioned in the other settings. It is the same as the Unix "World".
If you set the Priviledges for a file to Everyone=Read, then any user with any credentials can read it.
The User Categories Owner, Group, and Everyone
You can assign standard POSIX access permissions separately to three categories of users:
Owner—A user who creates a new item (file or folder) on the file server is its owner and automatically has Read & Write permissions for that folder. By default, the owner of an item and the server administrator are the only users who can change its access privileges (allow a group or everyone to use the item). The administrator can also transfer ownership of the shared item to another user.
Note: When you copy an item to a drop box on an Apple file server, ownership of the item doesn’t change, but only the owner of the drop box or root has access to its contents.
Group—You can put users who need the same access to files and folders into group accounts. Only one group can be assigned access permissions to a shared item. For more information on creating groups, see the user management guide.
Everyone—Everyone is any user who can log in to the file server: registered users and guests. Hierarchy of Permissions
If a user is included in more than one category of users, each of which has different permissions, these rules apply:
• GrouppermissionsoverrideEveryonepermissions.
• OwnerpermissionsoverrideGrouppermissions.
For example, when a user is both the owner of a shared item and a member of the group assigned to it, the user has the permissions assigned to the owner.

Similar Messages

  • Set windows permissions for folder

    My labview app is being installed to the prog files dir for the app by an installer created by the LV Dev System.  i encounter a problem when trying to store a config file for the app to the directory during user customization of settings after app installation because the file I am trying to update is read only due to win 7 defaults.  I try to set the permissions for the folder programmatically, but it does not change the folder to a NOT read only one.  What is the trick here?  Do I need to put my config files in another directory somewhere or is ther a way to change the folder settings so I can create temp files in that folder?

    Creating temporary config files in Program Files is not very good practice. I would do it in the public user folder.
    How are you setting the parameters?
    Did you use the following?
    http://zone.ni.com/reference/en-XX/help/371361J-01/glang/set_permissions/
    http://zone.ni.com/reference/en-XX/help/371361J-01/glang/setting_permissions/
    Excerpt from the link above:
    You can use permissions to change only write permissions for users (bit 7); the operating system ignores all other changes to the bits.
    Beginner? Try LabVIEW Basics
    Sharing bits of code? Try Snippets or LAVA Code Capture Tool
    Have you tried Quick Drop?, Visit QD Community.

  • How do we set the permissions for....

    Using Acrobat 9, Setting permissions is very confusing!
    How do we set the permissions for document so that:
    -- the end user needs no password
    -- Printing: Allowed
    -- Changing the Document: Not Allowed
    -- Doument Assembly: Not Allowed
    -- Content Copying: Not Allowed
    -- Content Copying for Accessability: Not Allowed
    -- Page Extraction: Not Allowed
    -- Commenting: Allowed
    -- Filling of Form Fields: Allowed
    -- Signing: Not Allowed
    -- Dreating of Template Pages: Not Allowed

    Not possible. If you allow filling in forms you must allow signing. BTW, while it is nice to be able to set permissions anything that depends upon passwords that you set is easily overcome by third party utilities. Don't do anything that really depends upon these permissions. If you want to set permissions using the Document Properties Dialog box (control D), then click on the Security button. In the Security Method Dialog box, select password security and fill it out as you need.

  • JAAS - How to set up permissions for a specific code?

    I would like to set up permissions for specific code in JAAS policy files.
    In other words, let's say I have the followiong entry:
    permission java.util.PropertyPermission "java.home", "read";
    Then, when I do Subject.doAsPrivileged(..., MyAction), if this permission is absent, I will not be able to access the "java.home" property in my MyAction.
    If I, let's say, set up a file permission, I will not be able to read certain files if the permission is absent.
    I want something simpler. I want to be able to specify that the whole class MyAction cannot be executed if the permission is absent - I do not want the code to even go there. Basically, if the necessary entry in the Policy file is not present, I do not want the calling code to have access to class com.mypackage.MyAction.
    This must be really straight-forward, what am I missing?

    Thank you for your input.
    My case is a little bit more complex.
    There is a request and approval process attached to the provision to this target system.
    The approval process has a first level of approval (including 1 to many approval steps) and the user gets the basic access to this target system. The user can then access the target system but is limited to what he/she can do.
    Then the approval goes to a second level of approval (including many approval steps) and if approved the user gets the elevated access to this target system.
    To accomplish this, the previous implementer created 2 resources for the same target. After the first level of approval, he provisioned resource A to the user. After the second level of approval, he provisioned resource B to the user, revoked resource B, and updated resource A.
    This is very confusing because we are dealing with 2 resources for the same target.
    I am looking for way to take advantage of the GTC to provision and reconcile with a system that takes a flat file and can write a flat file. But I also need to make it work with this approval nightmare.
    Do you have any ideas on how to make this better and simpler?
    Thanks
    Khanh

  • When setting up permissions for application files--URGENT

    Hello All,
    when setting up permissions for application files,
    Is this following permisson appropriate?
    If application files are owned by a single owner,
    that owner should be the oracle user.
    DN

    Here is my question again.
    when setting up permission for application file, which permission is
    appropriate?
    a) If application files are owned by a sigle owner,that owner should be oracle
    user.
    b) Application files should be owned by oracle user
    c) Application files should be owned by single user.

  • [SOLVED] setting up permissions for mounted usb devices

    Hi all,
    I've been having the following problem when mounting my external hd: in order to mount the external hd I created a folder /mnt/usbstick/ giving permissions to a non-root user to read the files/directories in this folder (using chmod); however, after I mount the external hd, the set of permissions for /mnt/usbstick/ change so that a non-root user cannot  read the mounted files in /mnt/usbstick. This is a problem for me because, when I copy a file from the external hd to the non-root home folder, the copied file can only be read by the root user.   
    Do you know how I can solve this problem? Should I write a udev rule and place it at /etc/udev/rules.d/? Or should I simply add the non-root user to a specific group from /etc/group? Any ideas?
    Thanks!
    Last edited by falsum (2010-05-08 09:21:59)

    You could try adding an entry for your usb device in /etc/fstab and specify the option user to let non-superusers mount it.
    Here's an example of an entry for my external HD. I'm sure there are probably other (and better) ways to do this but it works for me.
    UUID=4376-0BFB /media/FIRELITE vfat rw,user,noauto,async 0 0
    Nice howto found on the wiki: http://wiki.archlinux.org/index.php/Fstab

  • Setting file permissions for 'wheel' group files

    I have a bunch of files I copied from my PC when I made the transition to my Mac. I'm having problems moving or backing up many of the files apparently because the Mac has set the group for these files to 'wheel' and I'm not sure how to change them back. My efforts to chown or chgrp the files always result in "Operation not permitted" error messages.
    I have been able to select a file at a time in the finder and use the get-info option to change the permissions, but I need to do this for thousands of files and it takes too long manually.

    mpender wrote:
    I have been able to select a file at a time in the finder and use the get-info option to change the permissions, but I need to do this for thousands of files and it takes too long manually.
    Yes, you need a global fix. Download BatChmod Read the online documentation and online help. Let us know.
    -mj

  • How to set file permissions for SFTP uploaded file?

    Hello,
    is it possible to set file permissions with the SDK for files uploaded via SFTP transfer? I use the default sample plugin ftp_upload.lrdevplugin to transfer the files, but would like to tweak it to set the uploaded file(s) to permission 644 (rw-,r--,r--) on Linux server. Currently the server sets new file(s) by default to 600 (rw-,---,---).
    I am looking for an option to do the "chmod" directly from Lightroom without doing any modificatios in general to default umask, etc. settings on the server. No real UI is needed for this. Just hardcoded setting for 644 in the .lua.
    So far I've been unsuccesful in finding the way. Googled, read this forum, looked at the API. Maybe I just missed it, or does this functionality exist?
    All advice is appreciated!
    Cheers,
    Timo

    Niel's suggestion is good. You might also try posting your question in the Tiger Server forums. I'm sure Tiger Server has several ways of dealing with this.

  • Can I set public permissions for the Training Catalog?

    We want to have all users be able to get into the Training Catalog and self enroll. We have over 7,000 employees with no distribution list for all people. How do I set permissions for all employees to see the training catalog and self enroll?

    Ah, support strikes again. The Training catalog is not, and cannot be set to publicly viewable. This permission setting is only available to objects in the Content Library.
    If you go to the Training Tab and then Training Catalog you will see an option to Set Permissions for the Training Catalog. Select that and you will be able to add any individual or group from the list on the left to the list on the right to give them view permissions. There will be no "Make Publicly Viewable" option.
    If an individual is not listed in the right hand list (or a member of a group on the right hand list), then they will get the Not Authorized message.

  • Server2012/Win8.1/PowerShell4.0 set printer permissions for multiple printers

    Hey Scripting Guys!
    looking at the new Set-Printer command for 2012/Powershell4.0. 
    we have a bunch of printers already added. I have changed the global perms on the printer server, but would like to mod the perms on existing printers. Anyway to do it via powershell?
    cheers
    Stu w

    Get-Printer <printername>| Set-Printer -SDDL <sddl perms string>
    http://technet.microsoft.com/en-us/library/hh918366.aspx
    ¯\_(ツ)_/¯

  • Best approach for setting up iCloud for a child

    Hi,
    I have bought my son an iPad Air for his birthday. We already have an iMac in the house which is shared by us all, with each person having their own login. My original question was going to be how I can create an iCloud login for him. I tried createing one yesterday but to create the iCloud login I needed an apple id but it seems he is too young to have his own applie id. Is it possible for me to have the one Apple id which we use for purchases but then for myself and my son to have seperate iCloud logins?
    But now that I think about this more I am thinklng of creating a seperate apple id for him (maybe in my name) because I do not necessarily want him to access some of te movies and songs I have purchased from iTunes because they are not appropriate for a child.
    So what is the typical setup for app id and icloud accounts for a familly?
    Thanks
    Andy

    Previously, before introduction of family sharing feature - I created for my kids apple id's under my name and with my information - since Apple requires account creator/holder to be over 13. Now with introduction of family sharing Apple policy changed a bit, but I find that they created system that still needs some kinks to be worked out. My personal recommendation to proceed just like you were thinking and make adjustments as Apple perfects their policies.
    Practically you will have your son's phone sign in to his id under
    Settings messages
    Settings facetime
    Settings icloud
    You will share id on
    Settings itunes and app store
    You will disable auto downloads on your and your son's phone
    and most importantly you will have to limit your exposure to get hit by your son using your credit card. As well as control his download options in Settings -General - restrictions - where you can disable download of things by age or content type.

  • Transport request for Set Control Parameters for Actual Data.

    Hi Viewers,
    I am unable to create the transport request for the below settings
    Controlling->Profit Center Accounting->Basic Settings->Controlling Area Settings->Activate Direct Postings->Set Control Parameters for Actual Data.
    Is it possible to move the request through transport request or do we need to create the settings directly in the target system.
    Thanks
    Aswin.

    Hi,
    Please read the IMG help at the given path.  There are certain profit center accounting settings which cannot be transported directly from the same path, but there is another node in SPRO path for doing this.  If possible I will try to locate the path but I am not sure I can post it immediately as I am not having system handy.
    thanks,
    Kumar

  • I have two Apple IDs, and this is causing problems with syncing via iCloud. How do I move everything to one ID? All advice is for setting up, not for after it's already set up.

    My problem is that I have been a Mobile Me user for the past couple of years, and because of that a second Apple ID was generated in addition to the one I've been using for years. When iCloud was introduced last fall I did everything I was supposed to in setting it up, but it is evident that the syncing is not working as it should. In checking, I am certain this is because I now have two active Apple IDs. I would assume this is a common issue with all who were/are Mobile Me users.
    The online help says you can't merge two IDs. Okay. What I want to do is to get rid of the Moble Me ID and only use my regular Apple ID. But the help on that issue seems to only give instructions for setting up the iCloud account. It seems that when I go into my iCloud accounts, both on my iPhone and my Mac, I can view the ID but there is no way to change them to another ID or to eliminate the account.
    Please help. I am a long-time Apple user and this really should be a fairly simple matter to take care of, but this is one issue where the normally user-friendly Apple way of life is giving me fits. Thanks.

    I am logged into the same things on both my iPhone and my MacBook Pro, except for mail. I use a gmail IMAP account and everything there already works on both machines. The iCloud account on my iPhone uses one Apple ID and the one on the Mac uses the second Apple ID.

  • Ask for Text for Set Spotlight Comments for Finder Items

    I want the text from the "Ask for Text" to go in to the "Set Spotlight Comments for Finder Items" action, but they don't seem to interact.
    Any ideas?

    first you make a new variable using variables tab. then you add the action "set value of variable" right after the action ask for text. drag the variable you made to the variable field of that action. this will set the value of that variable to the output of the previous action.

  • Sharing an external drive via airport extreme

    I have a network system set up using Airport Extreme (the dome shaped one). It is connected to my ADSL DLink box. I also have an Airport Express plugged in downstair to increase my wireless signal strengh. I have one G3 connected to the Airport Extreme via an ethernet cable (because I don't have wireless on that computer). I have a Mac pro beside it, accessing the network via wireless and downstair, I have a powerbook wich accesses the network wirelessly. What I would like to do share my external hard drive with all three computers, so that they can all see my jobs folder, along with iphoto and itunes. I basically want everything to be in sync. Can anyone give me advice on how to best go aout it? I thought I would be able to plug my hard drive into the airport extreme and share it that way, but nothing is showing up on the airport utility. Is my airport too old? Thanks for any help or advice.

    Plug the external hard drive into one of your stationary Macs. On that Mac go to System Preferences-> Sharing preference pane and enable File Sharing.
    Now you should be able to access that drive from any of your other Macs.

Maybe you are looking for