Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

mattspace

macrumors 68040
Original poster
Jun 5, 2013
3,352
2,981
Australia
This is baffling me - any thoughts would be appreciated:

  • High Sierra fileserver serving multiple drives over SMB to a Ventura workstation.
  • The behaviour isn't changed by changing the account I log in to the server with, from the workstation.
    • I've tried using the credentials of:
      • An Admin account on the File Server
      • A Standard User account on the file server.
      • A Sharing Only account on the file server.
  • The drives are a mix of HFS+ and APFS
  • When the Ventura Workstation creates a folder on one of the APFS based shares, a few seconds after creating it, the workstation loses the ability to write to the folder, or rename it.
    • If you get info on the folder immediately after creating it, you can watch the Name & Extension field flash multiple times between editable, and greyed out - it looks like an argument happening.
    • If you go into a folder, and click in he name field, the folder name will become editable in finder, but no amount of clicking on thr folder name in a finder window will make it editable.
  • Folders on / created on from the Ventura Workstation on the HFS+ drives do not exhibit this behaviour.
  • All the shared drives show the same permissions in Finder on the High Sierra File Server:
    • Logged in local Admin user: Read & Write
    • staff: Read & Write
    • everyone: Read Only
    • Ignore Ownership: Ticked
  • All the drives when viewed with Get Info on the Ventura Workstation show:
    • The Workstation's (Admin) user account: Read & Write
    • everyone: No Access
  • Folders on All the drives show the same permissions:
    • Workstation Admin account: Read & Write
    • staff: Read Only
    • everyone: Read Only
  • In the Sharing prefpane, each of my shared drives is listed in Shared Folders, and the user accounts listed are:
    • The currently logged in local Admin account: Read & Write
    • Staff: Read & Write
    • Everyone: Read Only
  • Adding the File Sharing Only user account to the permissions of the shares in the sharing prefpane does not change the behaviour.
  • In the Options: Share files & Folders over SMB is ticked, share files & folders using AFP is not ticked.
  • Now, here's where I see one consistency that coincides with the problem:
    • Right clicking on the drives in Shared Folders and going to Advanced Options shows:
      • Allow Guest Access: ticked
      • Only allow SMB Encrypted Connections: unticked
      • Share as Time Machine backup destination: unticked
      • However: The HFS+ volumes are all listed as Share over SMB and AFP, whereas the APFS volumes are SMB and greyed out, so can't be changed.
    • If I disable AFP for the HFS+ volumes, unmount the shares, from the workstation, switch file sharing off, then on, and remount the whsares on the workstation, nothing changes in the behaviour.
So, does anyone have any thoughts, or suggestions for where to look for more info?
 
So I think I've solved this, and I'll put up the answer because my first post is already shwing up in search engines.

The specific combination which worked was to disable "Ignore Ownership on this volume" for the APFS volumes on the fileserver, then to add the filesharing-only user account with read & write access privileges, then to apply those privileges to all enclosed items.

So far, creating new folders on the drives from the workstation is working ok, and the names stay editable etc.
 
  • Like
Reactions: hobowankenobi
So I think I've solved this, and I'll put up the answer because my first post is already shwing up in search engines.

The specific combination which worked was to disable "Ignore Ownership on this volume" for the APFS volumes on the fileserver, then to add the filesharing-only user account with read & write access privileges, then to apply those privileges to all enclosed items.

So far, creating new folders on the drives from the workstation is working ok, and the names stay editable etc.
Thanks for sharing. Just saw this, but based on previous Mac OS X Server file sharing, this sounds about right.

Historically, one needed to setup and resolve file sharing permissions on the server, using the accounts local to the server...not clients. It has always been less than clear. On older OSes, for example, using the Get Info window for anything that was actually on mounted share would not work.
 
  • Like
Reactions: mattspace
Thanks for sharing. Just saw this, but based on previous Mac OS X Server file sharing, this sounds about right.

Historically, one needed to setup and resolve file sharing permissions on the server, using the accounts local to the server...not clients. It has always been less than clear. On older OSes, for example, using the Get Info window for anything that was actually on mounted share would not work.

Yeah, I assume it's also that APFS has a stronger interaction with ACLs, because the HFS+ disks don't have issues.
 
  • Like
Reactions: hobowankenobi
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.