macOS Mojave with server 5.7.1file sharing Group permissions problem :-(

I ran into this tonight as well. I upgraded our server at my office from High Sierra to Mojave and was stunned to discover that any and all ACL options or permissions inheritance are completely gone.

Without ACLs or more specifically inherited permissions, that makes MacOS COMPLETELY unusable as a file server in any fashion whatsoever. Furthermore, the "macOS Server Service Migration Guide v1.2" referenced above contains no mention of this removal at all, anywhere.

I spent a few hours this evening migrating our server from HS to Mojave. Now I have to go back again tomorrow evening and un-do it all and go back to High Sierra. UGGH! I am very much hating Apple right now. How in the world can they expect anyone share files in a group environment without inherited permissions or explicit permissions?

Yes, This is indeed an issue that needs to be resolved. I Support a small Design company that is a majority mac. Several users working in shared storage from a mac mini with a promise pegasus drive shared out. It will continue to run High Sierra for the foreseeable future, because of the loss of ACL based permissions administration. Further more the replacement device will most likely be MS server as NAS based storage has not performed well in the environment thus far.

So sad that niche foothold that was here, and the ability to get work done easily has evaporated all the while trying to cater to the "Pro" user.

I stated user because apparently apple is un-interested in supporting multiple users working in a shared workgroup environment

I also run a small design company and are in the same position.

What Apple is doing with their so called ‘os upgrades’ simply doesn’t make sense.

It’s basically telling us that ‘Mac computers should only be used by sole traders running one-man offices’

If you have more than one staff, there’s no way to operate your business in a Mac environment with the latest OS.

I miss the time when I was a student, and Apple catered for the enterprise market. I looked forward to one day having my office where I would run it on xserve, Xsan and Mac OS server.

Sadly, somewhere along the way, profit margins of selling smart phones became too great for Apple.

Apple

got so distracted by smart phones that they forgot, first and foremost, Apple is a computer business. It’s sad but they have lost their way and this haven’t made any progress on the computer front (especially for pro users).

Apple, please don’t lose sight of the importance of your computer business- It is the core that your business laid it’s foudstikns upon. Your founder intended to make great computers for the masses.

One day, when we all move on from smart phones, you don’t want to regret having lost the market on premium computers. Your Pro and Enterprise customers are waiting for you to do the right thing by them and their loyalty.x

ACLs are broken in Mojave. Useless as a file server.

Adobe works on Mac aaaaand Windows.

Most have to switch to Windows file server now.

Windows File server works best with Windows workstations.

Everyone switches back to Windows and Mac is back to being a small fish. Making toys for kids and consumers.

Many will simply not upgrade and run unpatched servers. Eventually they will become compromised and the appearance will be to the layperson that Apple products are not very good.

Not a good strategy/outcome.

ACLs are working in Mojave, for AFP. Try it.

I noticed that my test Mojave server (well not "Server" that software isn't so great now, by server I mean just file sharing turned on) was not honoring ACLs. After some troubleshooting I wondered if it was an SMB issue, because SMB has so many. So I tired connecting via AFP. Guess what? Can't share via AFP on an AFPS volume, even though Apple allows the configuration. Sigh.

So I configured an external HFS+ Journaled volume and enabled a file share with the same permissions. This time I was able to connect via AFP and confirm that my ACLs were honored.

For all of you that think AFP is a useless protocol and that current SMB is safer, you are almost correct. That is, unless you need to provide network shares to Adobe users. Adobe continues to skirt around support for network volumes. Well, sharing to Adobe is even worse if you use SMB. All the security locks take too long for Adobe and it frequently times out. Along with causing access issues. All of these issues go away when using AFP.

So there ya go. Stick with AFP until Apple gets SMB working properly. And not like an OS 10.1 machine where Steve Jobs said this exact issue was a "feature" of Unix and not a bug of MacOS.

Same here. I have 8 people working on shared files on a mac Mini. Every time someone modifies a file, he and only he can reopen it, unless I trickle down permissions of the whole shared folder. Extremely annoying as I had to do this more than a dozen times today. Sharing on SMB, worked even worse on AFP for us.

It may have been taken and set back to factory specs . Only thing is was it down loaded before the restart to factor specs was done! Unsure whether that’s what going on but could be the best answer to your questions

Hi Ryan,

I'm connecting via SMB.

Strange is that with pages files for example the .pages suffix appears, when it didn't appear before. Also a space appears before the dot, the avatar returns to the default pages avatar and not the preview. The message I get is the file format is invalid.

I have to redo the "permission to subfolders" process to put everything back in order.

I wonder if the real issue is which way the disk that's being shared is formatted - APFS vs HFS+. If the folder you are sharing lives on an external drive, you have the choice of how to format that drive. But if it lives on your boot drive, you are forced to stick with HFS+.

try moving your shared folder to an external HFS+ volume and share it from there. Please post the results - a lot of us are struggling with this.

thank.

You probably mean "... But if it lives on your boot drive, you are forced to stick with AFPS."

But I'll play a while with a shared folder on an external HFS+ formatted drive . I'll let you know of the results.

Ok, so I moved all the files to an external drive fomatted as HFS+.

No change, regularly, I have to revalidate folder permissions because some files appear as Invalid format to the other users, the original user (last one who made changes) can open the file perfectly.

So it's apparently not an issue with afps but with the security protocol with which macos Mojave manages permissions.

How do I get back to High Sierra??? :-(

I have had to perform a similar downgrade, Server version 5.3.1 I think is the last version that will work properly. I backed up erased, installed Mac OS Sierra and then found Server 5.3.1 in my purchase history and re-installed, Back to having a working file server until a fix has been announced.

This seems like such a show-stopping bug that either apple is already well aware of it, or those of us experiencing it have not yet stumbled on the workaround.

Can anyone here confirm that apple has acknowledged it as a bug? if not, anyone have the means of filing an official apple bug report?

this must be impacting tons of users.

This wasn't an issue for most of my clients as I force all to use AFP to connect to a server. This is because Adobe apps don't play nice with SMB shares but are fine with AFP shares. Still gotta use an HFS+ volume, no AFPS.