How to configure Airport Extreme AFP disk sharing to host multiple users' home-directories (Lion, using autofs)

I have this working, but only by completely bypassing access control, using guest access with read+write permissions.

Do I need to buy Lion Server to do this? All my past unix/linux experience says Lion Server should _not_ be necessary.

This seems like a simple & obvious setup objective, but it is proving to be harder than I would imagine.


Setup:

  • multiple users, sharing two Mac minis running OSX Lion
  • connected to an Airport Extreme (4th gen) with a USB disk shared (either via disk password, AEBS password, or using AEBS users' passwords).


After much experimentation and web research, I finally have managed to get the minis to automount the Airport Extreme's AFP shared USB disk. Well, almost... It only works if, on the Airport, I set the guest access permissions to read+write and set the "Secure Shared Disks" method to "With disk password" or "With Airport Extreme password". In other words, it only works if I essentially bypass/disable access control by using the guest authentication mechanism to the AFP shared disk.


On the Lion side of this, I am automounting the users' directories via "autofs". The config files for this are:


/etc/auto_master:

    #
    # Automounter master map
    #
    +auto_master # Use directory service
    /net -hosts -nobrowse,hidefromfinder,nosuid
    /home auto_home -nobrowse,hidefromfinder
    /Network/Servers -fstab
    /- -static
    /- auto_afp


/etc/auto_afp:

    #
    # Automounter AFP master map
    #
    # https://discussions.apple.com/thread/3336384?start=0&tstart=0
    /afp/users -fstype=afp afp://;AUTH=No%20User%20Authent@10.0.1.1/Users/


Then, after rebooting and verifying read+write access to the /afp/users directories, I change each user's home directory: In System Preferences > System > Users & Groups, I right-click over the users to access the Advanced Options, changing the Home directory field to point at the AFP-mounted /afp/users/Users/* home directories.


I experimented with alternate UAM specifications, as well as both OSX and AEBS users & passwords. Using guest access is the only thing that has worked.


Any pointers would be appreciated...

Airport Extreme -OTHER, 4th Generation, Firmware v7.6

Posted on Jan 13, 2012 5:10 PM
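
An added example, not part of the original post: a small audit of autofs map text that reports how each AFP mount authenticates, so a guest mount like the one in /etc/auto_afp above is flagged. It assumes the `afp://[user[;AUTH=uam][:password]@]host[:port]/volume` URL form documented for mount_afp; the `/afp/media` and `/afp/docs` entries and their user names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample: the direct map from the post plus two hypothetical entries.
SAMPLE_MAP = """\
#
# Automounter AFP master map
#
/afp/users -fstype=afp afp://;AUTH=No%20User%20Authent@10.0.1.1/Users/
/afp/media -fstype=afp afp://alice:s3cret@10.0.1.1/Media/
/afp/docs  -fstype=afp afp://bob@10.0.1.1/Docs/
"""

AFP_URL = re.compile(
    r"afp://(?:(?P<userinfo>[^@/\s]*)@)?(?P<host>[^/\s:]+)(?::\d+)?/(?P<volume>\S*)"
)

def classify(userinfo):
    """Classify the part of an AFP URL that precedes '@'."""
    if userinfo is None:
        return "no-credentials"
    creds, _, password = userinfo.partition(":")
    user, _, params = creds.partition(";")
    uam = unquote(params[5:]) if params.upper().startswith("AUTH=") else ""
    # "No User Authent" is the guest UAM: the share is open to anyone on the LAN.
    if uam.lower() == "no user authent" or (not user and not uam):
        return "guest"
    if password:
        # A clear-text password sits in a map file any local user may read.
        return "embedded-password"
    return "named-user"

def audit_map(text):
    """Return (mount point, host, volume, finding) for each AFP entry."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = AFP_URL.search(line)
        if m:
            volume = unquote(m.group("volume")).rstrip("/")
            findings.append((line.split()[0], m.group("host"), volume,
                             classify(m.group("userinfo"))))
    return findings

if __name__ == "__main__":
    for mount, host, volume, finding in audit_map(SAMPLE_MAP):
        print(f"{mount:12} {host:10} {volume:8} {finding}")
```
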

2 replies

Jan 16, 2012 5:19 AM in response to UserNameX

Based on lots more experimentation which confirms the information in a parallel discussion (cf. Automount share as non ROOT or SYSTEM user! https://discussions.apple.com/thread/3221944), I have concluded that the Lion 10.7.2 implementation of the AutoFS mechanism is broken. I submitted a bug report via apple.com/feedback.


Workarounds..?


Earlier I wondered if installing Lion OSX Server was necessary. The more I contemplate this, the more I am convinced it _should_not_ be necessary. The client-server architecture is clear: my Macs are the file-server clients and the Airport Extreme is supposed to act as the file server. The only thing installing Lion Server would do (besides enriching Apple.com) is enable me to configure one of the Macs as the file server. This would require it to be "always on" (thus enriching my electric utility as well). Okay, an additional benefit would be configuring software RAID disks attached to the Lion server, but Time Machine has worked fine for me in the past, backing up to disks mounted on the Airport Extreme.


One solution is to create a disk partition for each user and instruct each user to connect / authenticate to the Airport Extreme AFP share at login. The multiplicity of partitions is necessary since the first user to mount the AFP share takes ownership of it, blocking other users from accessing that disk partition. A user can "steal" ownership by reconnecting, but this will leave the other user's applications & open files dangling.


This dysfunctional situation really *****. Before installing Lion, I put a 64 GB SSD (solid state disk) in each of our Macs. I did this expecting to easily configure the /Users/* data on external networked storage. I'm having a déjà vu "Bill Gates"-ware moment; problems like this were why I abandoned Windoz.


I will make a few more experiments using the deprecated /etc/fstab mechanism. Maybe that will bypass the broken-ness of AutoFS...? Alternately, I guess I could also try to run Kerberos authentication to bypass whatever is broken in AutoFS, but that would require running a Kerberos daemon somewhere. Possibly I could configure a Kerberos service to run on both my Macs (without installing Apple's Lion Server)...?


Stay tuned...
