Only admin can access share points.
I have OS 10.4.3 server running on a G4 xServe. It was previously running 10.2.8, but it was compromised. So I zeroed the boot drive and did a clean install of 10.4 Server and upgraded it from there. I have rebuilt all the accounts, but only my admin can access the share points from the mac's and pc's on my network. I've tried mounting them with AFP, SMB and FTP, but the server won't accept any of the user/pass combinations. It is set up as a standalone server. The only groups the other users are in are the groups I created for sharing purposes, ie. they aren't in Users or staff or anything that comes as part of the OS. Nobody, including my admin account, has a login shell, and we are all using Shadow Passwords with all of the Security options checked. The only services I have running are AFP, Firewall, FTP, Web and Windows.
Since I can log in with my admin account through SMB and AFP, I think it's a matter of not having users in the correct group. The ones that look like candidates to me are Application Server, App Server Admins, Administrators, and com.apple.accessallservices. They all seem to indicate more than file sharing access to me and I want to keep this server as bulletproof as possible. Any help would be appreciated.
Check the following:
In Server Admin, select your server, click Settings (near the bottom), then Access (near the top). Make sure that you have not restricted just one user to use the Apple File and Windows services. You should allow all users to access both of these, then prevent outside access by configuring your server's firewall.
The groups you've listed are system groups. Do not delete them and do not add users to them, or you'll have unexpected results. The Administrators group contains all administrators. By adding a user account to that group, you have made that account an administrator for the directory domain in which the account resides. (For standalone server configurations, you've made the user an administrator of the server.) The groups beginning with com.apple assist Mac OS X Server in allowing access for certain services. These are system groups that control the SACLs (service access control lists). Again, if you want to make a user an administrator or if you want to edit the SACLs, use Workgroup Manager or Server Admin.
My recommendation would be to configure your server as an Open Directory Master. You can use Server Admin to start Open Directory and set the server's role to Master. With this in place, you can use Password Server and Kerberos to authenticate users and you can back up your user database for restoration in case of a future problem. As Standalone Server, all of your users and groups are stored in the server's local NetInfo domain, so all authentication happens locally (at the server). Creating a directory domain allows authentication to take place within the domain (e.g., from the login windows of client computers).
--Gerit
Similar Messages
-
Is there any way to send some one a password protected pdf that only they can access/view with a password?
Thanks!Hi wonderingtoday,
Yes, you can! If you have Acrobat, you can assign an "Open Password" to the PDF, so that only people who have that password can open the PDF. If you don't have Acrobat, you can try it for free for 30 days. For more information, see www.adobe.com/products/acrobat.html.
Best,
Sara -
Windows Users can access shares but Macs Can't
Running 10.8 on the server and here is the below problem I am having
1. Windows users can access the file shares read/write (even though they create permissions wrong, another day to takle that since I already tried ACL)
2. Macs running 10.8 and Mavericks
Open the server in finder on a user machine. Can sometimes see the two share folders. Other times just get the spinning wheel.
Now if you are so brave to click on the folder then finder will spin forever.
It locks finder up so hard that you can't shut down the machine without holding the power button. Other programs will run just fine, it only affects finder.
I tried connecting from the mac with smb:// to see if it is an AFP issue but it just sits on connecting forever.
I looked through the logs and don't see anything. But my knowledge of logs is terrible.
Any help would be great.
Thanks
ThomRunning 10.8 on the server and here is the below problem I am having
1. Windows users can access the file shares read/write (even though they create permissions wrong, another day to takle that since I already tried ACL)
2. Macs running 10.8 and Mavericks
Open the server in finder on a user machine. Can sometimes see the two share folders. Other times just get the spinning wheel.
Now if you are so brave to click on the folder then finder will spin forever.
It locks finder up so hard that you can't shut down the machine without holding the power button. Other programs will run just fine, it only affects finder.
I tried connecting from the mac with smb:// to see if it is an AFP issue but it just sits on connecting forever.
I looked through the logs and don't see anything. But my knowledge of logs is terrible.
Any help would be great.
Thanks
Thom -
Since I have multiple users of my itunes account, is it possible to redeem a giftcard where only my iphone can access the redeemed money?
Yes, you can use another server for .ibooks format. You can also directly email it if your system can take the size.
-
Can access share by alias1, but not by alias2 (from xp client)
Hello,
I have fileserver.domain.com
and clientXP.
I have two aliases for fileserver.domain.com which I added via netdom command:
alias1.domain.com and alias2.domain.com
From clientXP I can access both \\fileserver and
\\alias1 fine, however when trying to access
\\alias2 I get the error:
"you were not connected because a duplicate name exists on the network. Go to system in control panel to change the computer name and try again."
"alias2" name is not used anywhere else in our network.
Nslookup seems to resolve "alias2" correctly from clientXP.
alias1 was added few months ago, so I can't exactly remember if there were any additional steps taken to make it work.
I have tried setting disable strict name checking dword to 1, which seems to have no effect in my situation.OK it seems all I had to do is to restart fileserver, after that I could normally access file shares on it from clientXP by the name of alias2.
-
Limit to number of users can access share at same time.
I have a mac that I want to put a windows accesible share on. I need to know how many people can have access to the files on that share at one time. I am running OSx Tiger on a new Imac 20". On a windows machine it is determined by the number of cals.
imac20" Mac OS X (10.4)
imac20" Mac OS X (10.4)Actually, that document referes to "Personal File Sharing" - 10 is the limit imposed by Apple for AFP, which is Apple's proprietary protocol.
"Windows Sharing" or SMB is open source, and I don't think there is a limit imposed by the license.
The "tested and theoretical maximums (limits)", for SMB on 10.3 Server puts the limit at 1000 connected users (tested and theoretical - with the caveat that the numbers will be limited based on available resources). Between them, the users would be limited by the "number of open files" (theoretically up to 12288, but tested to 1000). But I don't know for sure what if any differences exist between the SMB versions installed by default in OS X Client vs. Server or if anything has changed with the version installed in 10.4. -
Can i lock a file that only i can access with a password
can i lock a file or folder that i can only access with a password???
You could put it on a USB memory stick, the use Encrypt in Finder. MacOS Hints has notes on it.
-
[SOLVED]External HD: Auto-mount in read-only and only root can access
So I followed the advice in http://bbs.archlinux.org/viewtopic.php? … 88#p583088 regarding using udev to auto-mount my external 60gb harddrive, and it works. The only problem is, it is being mounted read-only and I can only view the contents via sudo or as the superuser.
Can anyone guide me in the right direction I need to go to get this changed? I have already once tried to recursively chown everything on the harddrive, but that didn't seem to work. The syntax I used from that above article specifies "rw" as one of the options for the mount command, so I am stumped as to why this happened.
Thanks
Last edited by trann (2009-11-13 16:24:36)Wattanut wrote:
Have you installed ntfs-3g?
I think I've had that problem before.
WoW, perfect solution. This is why I love this distro. -
Only admin can log into WebAccess
I've just migrated a GW system from NetWare 6.5 to OES11/SLES11 SP1 and upgraded to GW2012.
As admin I can log into WebAccess 2012 (running on same server) but not as any other user. Cannot find any errors in the log files neither. Btw: DataSync is working fine using SOAP...
Server is using one IP address, 192.168.1.7 (where WebAccess, LDAP etc is running on), while the GW agents are on a secondary address 192.168.1.6. SOAP is set up with SSL, PO uses LDAP authentication also over SSL.
I've tried to disable SSL all over, set up basic authentication without LDAP etc. Still no go for others then adminpfronteri,
It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.
Has your problem been resolved? If not, you might try one of the following options:
- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)
Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php
If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.
Good luck!
Your Novell Product Support Forums Team
http://forums.novell.com/ -
My teenager erased the history each time he goes on so that I don't see where he was (so he doesn't get in trouble for going to youtube when he should be doing homework). I'd like to be able to password protect the history so he can no longer erase it. Can you please advise me.
One option is to use the Public Fox add-on to password protect parts of Firefox including the option to clear recent history - https://addons.mozilla.org/firefox/addon/public-fox/
The downside of using an add-on is that it is quite easy to bypass. An alternative approach is to use a third party parental control application that stores its own log of sites that are visited. If the Firefox list is cleared, the sites will still be shown in the other application. One such application is the free K9 web protection - http://www.k9webprotection.com/ -
Folders Not Showing in Server Admin AFP Share Point?
Hello all,
My problem is I can make a folder in Server Admin under AFP Share Point, But the Folder wont actually be made on the HD.
Under Server Admin AFP Share Point it will tell me that it doesn't exist?
So I thought I'll go to that point on the HD and make the folder then set the permissions to it... nope I can make the folder I can see it in finder and in terminal, But not in Server Admin AFP Share Point.
I have never seen this before any help is greatly welcomed.Hi Kristoffer,
I have seen an attribute for folder object which could control SharePoint folder hide or show in webdav explorer view, you can use PowerShell to output the problematic folder property, see if it the case, then use the PowerShell code to set it's property
with blank value to make it show in explorer view,
Use the PowerShell to get the folder object and then check the property value with this code line $folder.Properties["vti_winfileattribs"]
#folder can be site, library level and folder level
$folder = (Get-SPWeb http://sp).Folders["shared documents"].SubFolders["folder1"]
#hide folder
$folder.Properties["vti_winfileattribs"]="00000016"
#show folder
####$folder.Properties["vti_winfileattribs"]=""
$folder.Update()
https://social.technet.microsoft.com/Forums/lync/en-US/9ceafb38-24dc-466c-b497-2cee062b81cf/explorer-view-hidden-folder-attribute?forum=sharepointgeneral
Thanks
Daniel Yang
TechNet Community Support -
User Can Browse Network Server But Not Access Share
I have a client computer that can access shares on a network, however on server the user cannot access a specific shared folder.
Client is Windows 7 joined to domain
Client can access shares on other servers and other shared folders on the problem server
I have checked effective permissions for the user and they have modify permission on the folder/subfolders
Share is Everyone - FC
Have explicitly added user to share with FC permissions as well.
Server is 2012.
The error I am getting is The Specified Network Name is No Longer Available
Other users do not have this issue.
User can access share from another client.Hi,
Thank you for the update.
Best regards
Michael Shao
TechNet Community Support -
FTP - Share Points Disapearing
On our server I've setup FTP access to certain groups. One being a public group - only access to one directory (public ftp) and another group which has access to all share points. Permissions are set using ACLs for both groups to their respective directories.
So now when a user logs in that has access to all share points, we don't see all the share points anymore we only see the public share point. If I turn off FTP as a protocol for all the share points - all the aliases show up. Turn on the protocol they disappear.
Any ideas insight?Ok, solved. It was simply a permissions issue with the symbolic links. I assumed that since the server automatically generated these when you turn on FTP sharing that it would grant read access for everyone.
Well I was mistaken - had to update the permissions on the links to allow everyone read access. They now show up and users can browse the directories that they have permission to. -
Can i share folder&files in my icloud with another icloud users?
Hello,
i'm a newbie in icloud and want to know more about it. Hope someone can help me.
can i share my folder and files in my icloud with another icloud users?
can i also set password for some subfolder inside the shared folder?
(though user get shared access to the main folder,they still need to enter password to open the subfolder with password)
Thank you,
PaulusNo. You can use a file sharing site like DropBox and have a different folder that only they can access for people you want to share file with.
OT -
I have set up an administrator account and loaded microsoft office mac 2011. i have now added three kids accounts but can't seem to enable them to access the office mac software...... help please.
Where did you install Office?
If you installed it to the Applications folder in the admin account that ie reason why only you can access it.
If you want everyone to be able to access it then you should install it in the Applications folder at root level.
Allan
Maybe you are looking for
-
Distinct data from different columns of a table-Single query
I have a table with different columns. Each of these columns have entries. A particular column, say, a column called name can have same entries more than one time. Likewise other columns can also have same entries more than once. My requirement is to
-
Underline breaks up after saving as pdf
Hi everyone, I'm creating a form in Illustrator CS4 and I've put in some right aligned tabs and then selected the tabs and underlined them using the underline option in the Characters panel. When I save as a pdf though, the underline all breaks up in
-
Run-time error "TSV_TNEW_PAGE_ALLOC_FAILED" occurred
Hi all, I am running BDLS report in background after system copy. Its getting failed. On checking the failed job log in SM37 am getting the TSV_TNEW_PAGE_ALLOC_FAILED runtime error and message as below. I have checked and all memory parameters looks
-
If I have my iMac internet sharing turned on, the Airport Utility won't recognize the Airport Express I want to use to stream iTunes to my stereo. When I turn the iMac internet sharing off, the Airport Express appears but calls itself a base station
-
The link colors I set using the Inspector appear as I want them in iWeb, but aren't being changed on published web pages. I read in this forum: ... The thing with hyperlink colors is to make sure that the "Normal" and "Visited" colors and U settings