Previous 1 2 Next 17 Replies Latest reply: Jan 10, 2014 5:08 PM by sachinfromca
mille1j Level 1 (0 points)

I have several users using the same iMacs in the office.  They all have network logins using mountain lion server run off a mac mini.  They share several directories that are automounted on login.  The sharepoints are setup using User Groups to create their priveleges.  When one user is already logged in and has their shares mounted, we are having trouble when a second user logs in.  The second user is setup to have access to the same shares, but if the first user is logged in, the share points for the second user show up on the desktop with red circles with a line across them and no access.  Both users are in the same User Group that ought to have access to the folders, and if either user logs in without anyone else logged in, they have access without a problem.

iMac (27-inch Mid 2011), OS X Mountain Lion
  • brycesteiner Level 1 (15 points)

    Are they logging in with the same username?

  • brycesteiner Level 1 (15 points)

    Same IP address may cause the same problem.

  • mille1j Level 1 (0 points)

    nope, they each have a different username.


    no way around the IP problem.  So two people cannot be logged in on teh same computer and utilze the same share points from a server?

  • brycesteiner Level 1 (15 points)

    What do you mean about the ip problem? I can see if to users are sharing the same IP you will have problems. It doesn't matter what OS or network -- you must have different IP addresses.

  • mille1j Level 1 (0 points)

    you misunderstood the situation.


    here is the issue


    imac 1.  User A logs in and their sharepoints "Docs" and "Office" mount

                 User B logs into the same computer and also has access to "Docs" and "Office" but they mount with a red circle across the bottom of the folder and they cannot access them.  Am i suppsed to find a way to give different IP addresses to two users that are logged in at the same iMac?  How on earth could that be done?

  • Kevin Neal Level 2 (495 points)

    Are you saying both users are logging into the same machine at the same time, if so they you are correct the second user will not be able to access the share even though the permissions are correct

  • Kevin Neal Level 2 (495 points)

    this is because although they are in the same group, they actually log into the share with their usernames, so when user one logs in they mount the share with their credentials, so if user two logs in at the same time they can't access the share.


    Is there any reason you need 2 users logged in at the same time?

  • mille1j Level 1 (0 points)

    Well, i'm trying to use mac os in my medical clinic.  staff often use different computers, and sometimes they just need to login to another machine to do something at that location, but don't necessarily want to log the other use out. 


    sounds like macos really won't allow this.  i was afraid that it was going to have problems in a business environment.  I'll add this to the list of its defeciencies I guess.

  • Kevin Neal Level 2 (495 points)

    I guess you could unmount the share then reconnect to it, this might be scriptable too

  • John Lockwood Level 5 (7,691 points)

    It may depend on the version of OS X being used but the following worked for me and may describe something that will help you.


    As others here have indicated, normally you can only have once user logged in to a file server from a Mac at a time, or at least only one user that works properly. This restriction historically has applied to network login accounts and network home directories rather than a group share or a general file share. Obviously if you can't have two network logins at the same time on the same Mac, the issue of then not being able to access the same group share or general file share is not one you hit because you are blocked before that stage.


    This is down to the way network shares are mounted and accessed by accounts. Normally when a network login account is used the first (and only) network login mounts their network home directory on to the client computer in the /Volumes directory. This mount is 'owned' by the user logging in and that specific mount is therefore not accessible by other users on that client Mac. What makes things particularly problematic for network home directories is that Open Directory is set to use a specific path for a user network home directory. Which leads us on to the second issue...


    It is hypothetically possible to have two different users logged in on a client Mac, and have each login to the same share. If this is done, the second user cannot use the first users mount point because it is 'owned' by the first user, and the automount system will mount the share under a different path so you might end up with the following


    User1 = /Volumes/FileServer

    User2 = /Volumes/FileServer-1


    even though they are both accessing the same share on the same server which has the same name. As mentioned above in the case of network home directories which have to be accessed via the path defined in Open Directory User2 will fail because their version of the path is different to what Open Directory says, and if they try using the path from User1 they are denied access. However for a general file share the actual path is less important in most cases so theoretically the user could go to /Volumes/FileServer-1 and access files successfully.


    The real-world instance I had a similar setup that worked was as follows. I had a Mac XServe running as a Terminal Server using iRAPP. Users connected to the XServe via Microsoft Remote Desktop Client and logged in as network login accounts. I used NFS for the network home directories which avoided the issues above. However these users all still wanted to access a Mac FileServer (a different XServe) via AFP. This worked but as mentioned above each user got their version mounted with a different name. If I had five users logged in then I would have the following mounts








    Each of these showed up on each users desktop (via Microsoft Remote Desktop) and they could only access in the Finder their own. If I was using an Application that was using a specific file path it would potentially get confused as to which version to use, in my case this was an AppleScript but I worked round it by testing (in a loop) which version allowed access to a file without error and then knew that path was the correct one.


    In conclusion you might be able to have multiple users access the same share via AFP from the same server but may find that you need to access it in a slightly different way.

  • Kevin Neal Level 2 (495 points)

    that approach could cause issues for some types of file, I realise they said it was for medical but if any files relys on linked files these will break because of the change in file path, for instance if it was a design agency using In Design you would have missing links if you reopen the file at a later date.


    This might not be an issue in this case

  • brycesteiner Level 1 (15 points)

    I tried on my computer to log into my MacMini Server with OSX 10.8.2 and it's letting me log on to it from different user accounts at the same time as another account is logged in and that includes Windows running in Virtualbox and guest account and the main account. None of them are limited at all other than permissions on the guest account but it still has access just limited. I'm not really sure what is going on with yours.

  • bispymusic Level 2 (270 points)

    It is not a deficiency in MacOS at all. This situation exists because of the way the AFP protocol itself works. While it is technically possible to share out files using NFS or HTTPS, these are not simple things to do for a layman and require some skill at the Terminal.


    What are the practical reasons for different users wanting to use the same systems at the same times? I recommend having the users stick to their own systems. If different users have different access it is better from a legal HIPAA compliance perspective. If people are sharing systems due to cost, you might look at a lower-cost solution like a Mac mini with $100 Acer monitors.

  • mille1j Level 1 (0 points)

    the folders that are shared include patient education handouts, a common folder for all the incoming scanned documents, and other such materials. 


    clinic is fast moving, people need to be able to login and have immediate access to their systems, and then run along.  logging in and out everytime, even if it only takes a minute is an unacceptable amount of wasted time.  In addition, sharing computers just works for us well space wise. 

Previous 1 2 Next