-
All replies
-
Helpful answers
-
May 18, 2012 5:30 PM in response to Sam Venningby Caribou38,Thanks everyone for your troubleshooting. We are going to upgrade our client systems to Lion.
The Mac Mini server now runs Lion 10.7.4 Server and users reported issues with File shares permissions.
The shares are also stored on a Promise Raid connected with thunderbolt.
Would the thunderbolt connection have any influence on that issue ? I know it doesn't seem to be a hardware issue at all, but I just noticed we were having this issue on Promise Raid systems conencted with Thunderbolt.
-
May 30, 2012 6:15 AM in response to jochen80by jochen80,hello together.
i just worked with the workaround of brian for the last weeks. until today everything worked fine with the local groups. but now the server ignores the first local group. and the happends while the server is running. suddenly the group-members can not access the folder who worked 1 minute ago. i just duplicate the group and set the acl to the new group and it works again!
i think i will downgrade vom 10.7.4 to 10.6.8 now.
greets jochen
-
May 30, 2012 7:22 AM in response to Sam Venningby thesubmitter,I am having a related strange problem
I am using a Pegasus R6 but my files are not in the Root (or the root is not being shared, I am a few folders deep in)
It seems permissions are not having the expected affect. ACE involving groups don't seem to take effect and I have to add the users individually. It happens intermittently for some folders.
The server is file server connected to an OpenDirectory LDAP Server providing the users/groups
when i do "id ..." the user info appears correct
-
May 30, 2012 7:17 PM in response to G.Williby Sam Venning,Like the two previous posts, I'm still getting folders not honouring the ACL defined in Server.app. They appear okay in Server.app but in the Finder Get Info window I see "Fetching..." in place of one ACL (the other ACL is working fine). This is extremely frustrating. Lion Server doesn't seem to be ready for business applications – sppppppth to business users.
Mac mini Server (2GHz, Intel Core i7, 8GB RAM), Mac OS 10.7.4 Server, Promise Pegasus R6 Thunderbolt RAID.
-
May 31, 2012 7:44 AM in response to Sam Venningby thesubmitter,I wonder if the R6 is involved in all this as I have the same model...
-
Jul 3, 2012 5:14 AM in response to G.Williby Frando,I have had the same issues but on 10.7.4 server and clients. I don't have a Pegasus but I do have a Drobo Pro attached by iSCSI. However the share I am having a problem with are the "Groups" ones. They are at root on the ServerHD.
I have restarted the server a number of times and they are now working. The only thing that I have changed recently is to stop a user account from llogging in automatically on the actual server. I recently setup a basic local user to run a couple of apps 24/7. I had thought it was the apps causing the problem but having stopped runing them a few days ago, and then today stopped the user account loging on, I wonder if, for me at least, it is the user account being logged in.
-
Jul 6, 2012 12:26 AM in response to G.Williby bendadog,Hi,
I've come across the same problem.
I posted a question on serverfault.com about it but didn't get any reply (yet).
Anyway, as you might be able to see from the question, I've noticed that for me it doesn't work if I use OD Groups but it works totally fine if I add OD users directly to the ACL.
Does anyone get that too?
Ben
-
Jul 6, 2012 6:41 PM in response to Sam Venningby sa_admin,Hi, Just tried the folders-nested-3-deep method on an external firewire drive, and all permissions are still ignored... even a user with "No Access" can browse, modify and delete any content in the Sharepoint.
-
Jul 8, 2012 4:25 PM in response to bendadogby bendadog,As an addition to my last posting, I should point out that using OD Users permissions does not require a subfolder, it works fine sharing an entire volume.
-
Jul 10, 2012 4:28 AM in response to bendadogby timcu,I am getting the same problem with 10.7.4 file sharing. It is ignoring some ACL's for OD groups but honouring others. Ones that were working are now no longer working. I solved the problem be resorting to POSIX permissions which seem very reliable. I sorted out the umask problem by creating a file /etc/launchd-user.conf on every client which contained the line
umask 002
Now every file created by users is group writeable which is what I was trying to achieve with ACL's.
-
-
Aug 22, 2012 5:34 PM in response to G.Williby MattMacPro,Hi
I too had ACL file permission issues on a Mac OS 10.7.4 Server. Had been working fine for server months and then I couldn't add a user as an ACL. Restared the machine and non of the ACL's applied to any of the sharepoints worked at all. POSIX permissions were working OK - but with the umask issue from the client it meant that file would slowly be locked to the user who created or edited it. So just using POSIX permission was not an option for me.
The solution that worked for me was to create nested groups. I had to create a new group called 'All Staff 2' and then add the original group 'All Staff' to the new group. It creates a group within a group or nested group. I had to do this for all the groups on the server. I then had to re-apply the permissions again to all the share points on the server - so the permissions would be correct. Once I have nested groups the ACL worked as they should. The new groups I created all were groups within the OD.
Hope this might help someone .....