703 Views 9 Replies Latest reply: May 31, 2007 4:53 PM by Paul Alessi
By default if the client machine is only permitted to login as Guest then it has access to only one folder - the /Users/Shared/ folder. Any files you want to share should be placed in the /Users/Shared/ folder.
Allowing a normal account login will provide the client with whatever privileges and access has been assigned to that account. Creating access limited to a single folder may be made easier by using a third-party utility, Sharepoints.
Hi Paul, this is straight forward to do and have it work each time your 'client' mac starts up for a particular user.
• both macs share the same subnet (Assuming the one used by the router)
• assuming you can communicate with each of them from each other .
• assuming both of these are OS 10.4 or 10.3 .. just making sure its not another ye olde os)
• assume that the MAC where you want the FOLDER (directory) placed is always going to be available. (ie doesn't fall into sleep mode)
• assuming reasonable network speed (I dont know what you client MAC will be using in its work flow - large or small files e.g.)
• assuming that you dont mind if ANYONE in your system of two macs can accesse the folder (keep it simple for now)
(on your SERVER mac).. the "NAS server" machine.
• create the folder in your ~/public/<myshared_foldername> (anywhere would do btw or on one of the volumes in /volumes.....
•set up the priviliges using the FINDER WINDOW for the foler (+i) (get info)
(for example there is an "OWNERSHIP and PERMISSIONS" .. expand it all and it's pretty self explanatory". For simplicity here, just make it available to ALL and sundry.
• do what ever you do to put an icon and a label & comment on the folder
(on your client mac)
• assuming all network connections are cool and you have both airport and/or ethernet/and or/FW connectivity via your router....
• in the finder use +k (go to server) and put in the local name of or the IP address (to choose your fastest path) to the MAC that is your server.
• answer any prompts for user and password. If you dont care, you can have that MAc log into the SERVER mac using your normal user and passwrd as a registered user, else default to guet.
All so far very simple.
Now the tric is to have it AUTOMATIC so tha when your client mac startups and someone on that machine needs access to your SERVER (As a NAS server), it just happens.
and this is simply achived on the client machine by adding ing it into the LOGIN ITEMS for that user (and the others).
How is that done?
Simply DRAG AND DROP the desktop folder icon of the folder(s) to be shared) into the "login items" for the (system preferences/accounts/" users on the CLIENT machine. If there are multiple usres that need this then do it for all of them or have them do it.
I think you can also enable some options in the SERVER's (NAS) system preferences/"energy saver" to wake itup whould it go to sleep.. such as 'wake up for ether net access" or something.
anyway.. it gets more complex when you want to perform specific accesses and rights to the folders and the sub directories.
This is simply implementing NFS I beleive.
This will work first time and we use it all the time without the need for COTS or brand-x software.apps to make it happen.
hope that helps
Wow that really helped a lot! Thanks for the detailed reply! Really it's much appreciated.
I just get a slight bit confused at the part where you say I've got to make it automatic. Automatic in what sense? As long as the host computer is on and the privileges for the folder are set properly the other mac should be able to access the folder right?
I just don't understand why I have to add the folder to the login items... Is it just so the client computer doesn't have to mount the server each and every time they need access?
Also... do I have to turn on Apple Talk or any of that stuff in System Prefs?
Hi Paul, glad to help. to your questions:
1) AUTOMATIC - well just for sheer convenience. This is what workflow on the mac is all abou I think. No need to if you dont want to. The file path "method of access" permissions can be set on the owning SYSTEM/userfinder simply by using "finder/get info/"ownership and priveldges" (+I)....
Else, each time the remote CLIENT mac logs in (or starts up) or even connects, if your MAIN MAC host REMOTE DISK VOLUME/file directory is not mounted on the remote client, then the user will need to follow the simploe procedure of connecting it using finder/go/"connect to server" or +k to connect it.
2) YES: ADDING TO LOGIN ITEMS for the REMOTE machine/user - makes this automatic for the above
3) SYSTEM PREFS?: NO NEED for any "appletalk" enablement. THE file systems are shared in UNIX (and other non microsoft windows systems) using industry standard NFS.
Just keep it as above.
SHould you need to isolate certain file paths from different users, its gets a little more involved with permisions.. again a straight forward thing to do as this is UNIX.
Btw the same procedure would be done for wndoze NTFS systems but a little more hassle to do.
let us know how you make out.
I keep getting a message saying that "The server may not exist or is not operational at this time."
My host computer that I'm trying to access it on. They're both plugged into the router via ethernet. I'm sure of it's IP address. And yet I can't connect to it from the other mac.
What might I be doing wrong?
EDIT..... nevermind... my file sharing was off. It works now!
Hi Paul, the 'DROP BOX" has a access conditions set as "WRITE ONLY" - you can see then in the UI form (from UNIX) in the FINDER (file/get info [+i] "ownership and permissions".
THe drop box is useful for allowing people to drop stuff into your own file system but cannot se whats in the dro; box. I dont think this is very useful in you situaton.
For all to see and use (assuming this in your situation), merely see a directory in the root file system or a volume as:
Macintosh HD [or volume]/allsharedfiles/ and give read/write access to everyone.
else set up a diectory in your ~/ (home directory) and do the same. Give read write accesses.
To restrict, use the the FINDER (file/get info [+i] "ownership and permissions". This will work provided there is a user assigned on your SERVER system for each, else just have a generic one.
The FINDEr NFS (connect to server [+k]) access caues a prompt fo a GUEST or a registered user fo access to that volume.
Its up to how much security you need between you connected systems.
For us we leave it open to all of us and rely on the LOGIN user for file restictions.
Simply, anyone with access to your IP address Or you macs local name (host name.local) is CAPABLE of accessing you file system if you have PERSOANL FILE SHARING enabled (or the cifs/smb - windows) enabled.
The OSX enables restictions by default.
If you are behind a rounter on a lower subnet this is more complicated for people to access and unless port mapping is enabled its a "natural firewall" I believe.
So for objects that should be accessed conditionally, set up specific users on your SERVER system in a group if u like. else leave the shared dirsctory(ies) open to all.
Logging in as a GUEST restricts access to WRITE for a users DROB box, else to thos directories on a volume that have access to all in all access modes.. I will stand corrected though).
MAC PRO 8-CORE OCTO 8GB ram w/4.5TB + 2 x 15in MBP DUAl Core, FCS 2, CS3 Mac OS X (10.4.9)
Sorry - but that last post kind of confused me.
I just want to know if somebody could access my computer from somewhere else (outside of my office) when I leave file sharing turned on.
If all they need is an IP address and can login as a guest - then couldn't anybody just go and access the specific folder I've set up to share?