User profile for user: apple-banana
apple-banana Author
User level: Level 1
8 points

user permissions

Hi and thanks for taking the time to review my question.


I have a Mac Mini with the OS X Server App. I have 2 Apple iMacs accessing shared folders on the Mac Mini. I did the following on the Mac Mini Server Share permissions and am wondering if there is a better way in a small business environment to handle user permissions.


User 1: management

User 2: employees


Management Folder - permissions: management: read & write, everyone: no access

Shared Documents Folder - permissions: management and employees: read & write, everyone: no access


When connecting on the workstations (Finder -> Connect to Server, afp://) the issue is as follows:


Everything works fine unless a management user creates a folder in "Shared Documents". An employee cannot then access that folder or read/write to it.


How do you allow a management user to create folders in the shared documents folder, which in-turn will allow an employee to work with that folder?


Basically, management has access to all folders, employees have access to one shared folder, but if management creates documents or folders in the shared documents folder, the employees can't access those folders and documents.


Help! Thanks.

Mac mini, OS X Yosemite (10.10.5)

Posted on Apr 14, 2016 8:36 AM

Reply
5 replies
User profile for user: apple-banana
apple-banana Author
User level: Level 1
8 points

Apr 14, 2016 9:13 AM in response to Linc Davis

Thank you for your reply. Setting an inheritance rule makes sense.

For the parent folder, "Shared Folders", I assume there is no GUI option to make the folder's ACL inherited. Can you point me to the terminal command you are referring to? (From googling, I only see terminal commands for setting inheritance, but some mention SMB, which is not the case here as all devices are Apple computers, so the AFP protocol would be solely used)


Thanks

Reply
User profile for user: Linc Davis
Linc Davis
User level: Level 10
209,739 points

Apr 14, 2016 9:26 AM in response to apple-banana

I assume there is no GUI option to make the folder's ACL inherited.

In the sidebar of the Server.app window, select the icon at the top with the name of the server. Then select the Storage tab in the main window pane.

Navigate to the folder in question and select it. From the popup menu at the bottom with a gear icon, select

Edit Permissions...

Verify that the permissions are what they should be, and make changes if necessary. Then, from the same menu, select

Propagate Permissions...

Check all applicable boxes, including Access Control List. If in doubt, check all boxes. Click OK.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

user permissions

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up