11 Replies Latest reply: May 15, 2012 10:24 AM by Jim Kiltie
Jim Kiltie Level 1 (0 points)

I have a Mini Server running Lion Server 10.7.3. I have two shares, Share1 and Share2.


Share1 works perfect it has all the correct users and permissions both on Server.app AND Finder (Get Info)


Share2 has all the correct permissions in the Finder window (Get Info), BUT under Server.app, it shows the owner as no access and no owner either and a weird group as no access as well, see attached image.


Screen Shot 2012-05-15 at 10.51.01 AM.png




I can not erase the owner as the ( - ) sign is greyed out on both (owner) and (com.apple.local...)


The problem is that when I transfer a file from the shared folder (via AFP) to a workstation's desktop the file has some weird permissions, where you can not edit it, you in fact have to Get Info and reapply new permissions, very annoying to say the least.


My questions is, Is there a way to reset the folder's permission so that Server.app AND finder see the same permissions, maybe one of those sudo commands?


Any help will be greatly appreciated.


Thanks in advance.

Mac mini, Mac OS X (10.7.3)
  • gracoat Level 3 (660 points)

    Sure is...


    sudo chmod -R -N /path/to/folder


    Note that this will recursively detele any ACL's on any of the files within the folder that you're modifying.

    This will be the easiest way to manage them since re-adding recursive entries is really easy.  Removing individual ones is a lot more work cause you have do so with one chmod command per file.



  • gracoat Level 3 (660 points)

    Oh!  You can change ownership of a folder and it's contents from the Terminal too.

    the command is chown -R *username* /path/to/folder


    This command has to be run as root as well.


  • Jim Kiltie Level 1 (0 points)

    It says operation not permitted, it does reset everything to no owner and only everyone with read only.


    Any ideas?

  • Jim Kiltie Level 1 (0 points)

    This is what it does as the Server.app




    Finder sees this:



  • gracoat Level 3 (660 points)

    Which command said not permitted?  the chown, or the chmod?


    Remember, both have to have sudo in front.  ...and replace the *username* with the name of a user.


    The sudo chown -R *username* /path/to/folder command will set the ownership of the folder to whichever username you specify.

    The sudo chmod -R -N /path/to/folder command will remove all ACL's from the folder in question along with all the enclosed folders.

    It does not touch the ownership.


    There must alway be an owner of a file or folder.  If you'd rather not have one specified, just set it to your local administrator as the owner.  That way, any network user that logs in will not have ownership permissions.

  • Jim Kiltie Level 1 (0 points)

    This is what i'm writing:


    macminiserver:~ ladmin$ sudo chmod -R -N /Shared\ Folder/Share2


    This is what I get:


    Screen Shot 2012-05-15 at 1.02.44 PM.png

  • Jim Kiltie Level 1 (0 points)

    This is what Server.app sees:


    Screen Shot 2012-05-15 at 1.03.51 PM.png


    I can not press the ( - ) button nor the OK when I try to select the blank user and the com.apple... group

  • gracoat Level 3 (660 points)

    Will it let you set the ownership on the files?

    sudo chown ladmin -R Shared\ Folder/Share2


  • Jim Kiltie Level 1 (0 points)

    It will, BUT the problem is that I can not get the ACL to other users to save to that folder.


    From server when I try to create the ACL's at the end it does not let me click on OK.


    From Finder I can only add the owner and that's it.


    Screen Shot 2012-05-15 at 1.08.07 PM.png


    The OK button never changes.

  • Jim Kiltie Level 1 (0 points)

    Plus those two entries are still there!!! Any way to expunge them?

  • Jim Kiltie Level 1 (0 points)

    Got it to work.


    I just renamed the "empty" entity and named it my local admin, then the com.aple... I named it everyone group.


    I setup all the other ACE's and saved it.


    Works now like a charm.


    Thanks a lot gracoat for your time.