macOS Mojave with server 5.7.1file sharing Group permissions problem :-(

ahawkes, thanks for the nice job you did on this and the very clear explanations.

I've tried your command and am getting the resposne herafter, but the issue is still there. Folder "Programe ext" is on an external HFS+ formatted drive directly connected to the Macmini. "pool" is a group composed of 8 users with read/write permissions.

Last login: Thu Jan 24 12:47:06 on ttys000

serveur-korke:~ korke$ sudo chmod -R +a "group:pool allow readattr,writeattr,readextattr,writeextattr,readsecurity,list,search,add_file,add_subdirectory,delete_child,file_inherit,directory_inherit"/Volumes/Shared\ Folders/Programmes\ ext

Password:

usage: chmod [-fhv] [-R [-H | -L | -P]] [-a | +a | =a [i][# [ n]]] mode|entry file ...

chmod [-fhv] [-R [-H | -L | -P]] [-E | -C | -N | -i | -I] file ...

serveur-korke:~ korke$

Mark,

Looks like you may have used the "incorrect" example to build your command, or your command is being altered here too. But either way, it's not working because of incorrect syntax. When working in this forum, don't forget to select any commands in your comment and click the <> button below to format it correctly. Here's your command, though you MUST change the path to the Programmes ext because I can't see its entire path in your post. Note that you can drag the folder itself into terminal and terminal will drop in the full path to the folder. Just don't forget the space between directory_inherit" and the start of the path. I think that's what you missed before.

sudo chmod -R +a "group:pool allow readattr,writeattr,readextattr,writeextattr,readsecurity,list,search,add_file,add_subdirectory,delete_child,file_inherit,directory_inherit" /Volumes/MyExternalDrive/Folders/Programmes\ ext

So is the consensus that we to use the command line to get new files saved in a shared folder to inherit the permission of the shared folder instead of the user who created the file? Please tell me this is incorrect.

We use the command to configure the SHARE (a.k.a. shared folder) so that everything inside that share will always inherit the permissions you set for that share.

If we did not do this, a user (Susan) could create a folder inside the share that another user (Tom) could not open. But because we did this, all users can access all files and folders, regardless of who created it.

Reading through this, it looks like the command line suggestions are very tricky. I manage many macOS file server, many in mixed Windows/macOS environments. After Server 5.4 dropped, we searched around quite a bit to find something that would work long term for our clients.

So far, the file sharing post-5.4 seems to work fine, except for ACLs. The default inheritance functionality makes file sharing useless for any more than one user.

We have had success with using TinkerTools System 6 for fixing that ACL inheritance issue.

https://www.bresink.com/osx/TinkerToolSys6.html

There are a ton of other features of this program that I am sure sysadmins will appreciate. (I am not associated with TinkerTool, lol).

On a side note, I just checked to see which Samba version Windows 10 uses to communicate with a 10.14 share, and it seems to be 3.0.2 (vs 3.0 in 10.12). This tells me that Apple is doing *some* software dev on file sharing, at least for now, even though it was basically broken after 5.4.

I agree with the comments in this forum.. We are a school district that has been running a mac server for years and now the new mac sever 5.7.1 is worthless.. Don't see software update caching and ACL is gone. I don't understand what apple is thinking? Now we have to use 3rd party software to manage ACL that was working just fine before. I have been a mac guy since the Apple lle and I am sorely disappointed...

I don't think that's what we're looking for. That looks more like a replacement for the "propagate permissions" tool in Server. While it's nice to see that, I don't think it solves our problem. However, ddssg1 provided a suggestion that I tested... TinkerTool System ($14) has a section that includes the ability to set up inheritance on shares in 10.14 Mojave.

Apple server?! Is a joke! Steve please help us from heaven😩

We must use windows server and o365 services for really works? 🤔

I loose so many partners...

Apple now is not Think Different... Apple don’t thinking....😔

Yep, I run a small business with only a few employees (for now) that services many businesses because the model is efficient. Part of that was using Apple hardware and server. I've lost a good deal of time and money developing alternative solutions.

It's not just business, it's also personal. A lot of trickle down effect here.

Thanks to those who mentioned - TinkerTool System. I checked out and it looks like it will fill the need for my server folder permissions and propagation management. Sorry to have to go to 3rd party to manage this but in talking with an apple tech it seems most folks are going to cloud based file sharing so apple does not care about its server service much anymore.

Apple's focus is no longer the server, as everyone is really going to store in the cloud. But if you still want to stay with local data server and have problems only with legacy ACLs it is easy to solution or purchase the TinkerTool or apply the command via Terminal that will definitely solve.

sudo chmod -R +a "group:stagio allow readattr,writeattr,readextattr,writeextattr,readsecurity,list,search,add_file,add_subdirectory,delete_child,file_inherit,directory_inherit"

Saying Apple's focus is no longer on server because everyone is going to the cloud seems speculative to me. Just had a post deleted for that kind of speculation. Guess it's all in what you say.

Half of my client base could never use the "cloud" for anything but administrative work and some basic media sharing. That's not speculation, but fact. I've been running Apple servers since AppleShare IP. The Apple base was always media and content creators in my region. Big files.

Freenas doesn't seem to have a problem using Unix as a file server OS. Provides a good OS alternative to MacOS and cheaper hardware. The current version of Freenas will run as far back as a 2009 Mac mini. That's a current OS on that old mini.

Wow. Just had this happen to me with my first client moving to a new Mac Mini on OS X 10.14.4.

Noticed some folders permissions were wrong or locking users out. took awhile to figure out how badly Apple stripped the Server app.

I eventually tried using the Get Info window on the shared folders and adjusting permissions there. I then tried the "Gear" button and clicked on "Apply to enclosed items...". As soon as I saw the progress bar pop up and disappear in less than a second, I knew it didn't work. After multiple attempts I called Apple Support. After explaining and then bumped up in support, then waiting for that person to confer with others, they had the audacity to say,

"That is expected behavior, you need to change the permissions on each folder."

I said, really, all 10,000 folders? Yes was the answer. I hung up at that point and started on the command line solution. Found it last night and then found this today.

I did run the command line last night and so far all the users today have had no issues.

Will have to get Tinkertool and play with that to see if it has any advantages.

Thanks to all of you for banging on this issue. I just cannot wrap my head around the fact that Apple is just letting Server die on the vine.

Has anyone found a better Server that support SMB and AFP? I assume AFP is needed for the Search to work and index files.

Not to mention more reliable file saves, naming and all the other SMB issues.

First of all, I'd suggest that you put your data into a folder on that disk instead of sharing the entire volume. That will give you more flexibility in the future and also avoid the .Spotlight-V100 error.

And if I understand correctly, you did the chmod command THEN set up sharing in the Sharing Preference Pane?

I think you should set up the sharing FIRST, then do the chmod -R +a command to modify those sharing settings.

Hopefully it really is that simple...

TinkerTool System does work, I have a couple Mojave servers working like it was 10.12 again.

It's not that adding the small expense of TTS in place of buying Server from Apple is a big deal (if you don't mind buying software outside of the Apple App Store). It's that there is no guarantee that Apple won't drop file sharing all together at some point in the future. Especially given the actions taken with Server. Continuing to operate an Apple based server system seems to be a risky venture moving forward.

I'm curious as to the future of file sharing capabilities of the MacOS in the near future. Wondering if anyone here has any insight.