1 Reply Latest reply: Mar 20, 2013 9:17 PM by Citybird
Citybird Level 1 Level 1

This is critical issue, as we have mixed enoirenment with Windos and Macs.We have some local AD users and external clients accessing some web directories from outside on a local server.




We have some users using Mac laptops and IMacs (latest OSx and some older version OSx) in our organisation and their machines are bound to AD. The problem is with the “permissions” when they are trying to access one windows file share via SMB and trying to copy and paste an existing folder from the server and to the server within the same directory. 


All directories on the server are inheriting NTFS permissions from the parent directory which includes one local user (local user from the server),  and local System user, administrators and one AD group with all modify access.


When the Mac user creates a New folder/ file (from the Mac or Windows), all the inherited permissions structure worked as it is.

When the user (Mac user) tries to copy the existing folder or files and paste into the same  directory the inherited permissions for that  “local user” is not applied. We can see one user with the GUID S-1-5-88-3-xxxx (which is a unix mode user ID i think) This issue is not with the windows users, and with Mac which are not AD bound.


this has been tested on diffrent OSx versions including Lion. I have tried http://support.apple.com/kb/HT4017 and http://www.experts-exchange.com/Apple/Operating_Systems/OS_X/A_4375-Troubleshoot ing-File-Sharing-Issues-with-With-Mac-OS-X-and-Windows.html  etc, no luck. this issue is very easy to replicate, if someone can create a folder on windows network share with permissions assigned to a local user, AD user/group and then create a folder within the parent folder, and then try to duplicate a folder via AD bound Mac and check the permission from windows share


Any help would be appriciated



Solved by Citybird on Mar 20, 2013 9:17 PM Solved
this has been resolved, there were two things which were causing the issue one is "everyone" user permissions on a share folder allowing full access - that should be changed to modify second as discussed as above on a forum http://www.experts-exchange.com/Apple/Operating_Systems/OS_X/A_4375-Troubleshoot ing-File-Sharing-Issues-with-With-Mac-OS-X-and-Windows.html , make a change in local policy or make GPO to disable digital channel communication Thanks everyone