Apple Event: May 7th at 7 am PT
Newsroom Update
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
I'm having really strange issues with Lion Server. Since upgrading to 10.7.3 I no longer have permissions to modify files on Share Points that I was once able to in 10.7.2. When I go to modify certain files or folders I get "The operation can’t be completed because you don’t have permission to modify some items."
Mac mini, Mac OS X (10.7.3)
hello together.
i just worked with the workaround of brian for the last weeks. until today everything worked fine with the local groups. but now the server ignores the first local group. and the happends while the server is running. suddenly the group-members can not access the folder who worked 1 minute ago. i just duplicate the group and set the acl to the new group and it works again!
i think i will downgrade vom 10.7.4 to 10.6.8 now.
greets jochen
I am having a related strange problem
I am using a Pegasus R6 but my files are not in the Root (or the root is not being shared, I am a few folders deep in)
It seems permissions are not having the expected affect. ACE involving groups don't seem to take effect and I have to add the users individually. It happens intermittently for some folders.
The server is file server connected to an OpenDirectory LDAP Server providing the users/groups
when i do "id ..." the user info appears correct
Like the two previous posts, I'm still getting folders not honouring the ACL defined in Server.app. They appear okay in Server.app but in the Finder Get Info window I see "Fetching..." in place of one ACL (the other ACL is working fine). This is extremely frustrating. Lion Server doesn't seem to be ready for business applications – sppppppth to business users.
Mac mini Server (2GHz, Intel Core i7, 8GB RAM), Mac OS 10.7.4 Server, Promise Pegasus R6 Thunderbolt RAID.
I wonder if the R6 is involved in all this as I have the same model...
I have had the same issues but on 10.7.4 server and clients. I don't have a Pegasus but I do have a Drobo Pro attached by iSCSI. However the share I am having a problem with are the "Groups" ones. They are at root on the ServerHD.
I have restarted the server a number of times and they are now working. The only thing that I have changed recently is to stop a user account from llogging in automatically on the actual server. I recently setup a basic local user to run a couple of apps 24/7. I had thought it was the apps causing the problem but having stopped runing them a few days ago, and then today stopped the user account loging on, I wonder if, for me at least, it is the user account being logged in.
Hi,
I've come across the same problem.
I posted a question on serverfault.com about it but didn't get any reply (yet).
Anyway, as you might be able to see from the question, I've noticed that for me it doesn't work if I use OD Groups but it works totally fine if I add OD users directly to the ACL.
Does anyone get that too?
Ben
Hi, Just tried the folders-nested-3-deep method on an external firewire drive, and all permissions are still ignored... even a user with "No Access" can browse, modify and delete any content in the Sharepoint.
As an addition to my last posting, I should point out that using OD Users permissions does not require a subfolder, it works fine sharing an entire volume.
I am getting the same problem with 10.7.4 file sharing. It is ignoring some ACL's for OD groups but honouring others. Ones that were working are now no longer working. I solved the problem be resorting to POSIX permissions which seem very reliable. I sorted out the umask problem by creating a file /etc/launchd-user.conf on every client which contained the line
umask 002
Now every file created by users is group writeable which is what I was trying to achieve with ACL's.
This worked for me as well.
Good find!
Hi
I too had ACL file permission issues on a Mac OS 10.7.4 Server. Had been working fine for server months and then I couldn't add a user as an ACL. Restared the machine and non of the ACL's applied to any of the sharepoints worked at all. POSIX permissions were working OK - but with the umask issue from the client it meant that file would slowly be locked to the user who created or edited it. So just using POSIX permission was not an option for me.
The solution that worked for me was to create nested groups. I had to create a new group called 'All Staff 2' and then add the original group 'All Staff' to the new group. It creates a group within a group or nested group. I had to do this for all the groups on the server. I then had to re-apply the permissions again to all the share points on the server - so the permissions would be correct. Once I have nested groups the ACL worked as they should. The new groups I created all were groups within the OD.
Hope this might help someone .....
Lion Server 10.7.3 file sharing permissions
