OS X Server with Windows 7--folder permissions problem

Discussion in 'Mac OS X Server, Xserve, and Networking' started by phospholipid, Feb 2, 2016.

  1. phospholipid macrumors newbie

    Joined:
    Dec 12, 2011
    #1
    Hey there, all. My name is Susan.

    I've just started administering the server in our photo studio and I've run into a problem. I'm hoping somebody can help me. We have the newest OS X server software running on Yosemite on a MacMini. The server really manages file sharing. All of the client machines in the office are Yosemite except for two that are Windows 7. Of those two, only one actually uses file sharing.

    Here is the problem. When somebody creates a folder from that Windows machine, nobody else can delete or modify the folder.

    I set up OD, and there are several different OD users. If one of the OD users makes a directory in a sharepoint, everybody can add files, delete files, rename things, make folders, etc. It's great. There is just one problem. If the user on the Windows machine (authenticated into a mapped sharepoint with OD credentials) creates a folder, nobody can delete that folder. The Mac users can add files, delete files, etc. But if they empty the folder of its contents and then try and delete the folder itself, it says that is not allowed. Or, worse, the client machine's Finder just flips off of the folder after the delete command, it gets all weird, and the folder remains (this weird behavior doesn't happen if the Mac client is authenticated as a local user instead of an OD user, but it still doesn't delete the folder).

    I would love any advice. The users are committed to their ways, so I can't talk them into just not deleting folders. I need this one wrinkle to iron out so they can work fluidly. I'm desperate for any help. Thanks!

    -Susan
     
  2. phospholipid thread starter macrumors newbie

    Joined:
    Dec 12, 2011
    #2
    Hey, folks. I'm sorry to do this, but we're desperate. So, *bump*.

    Just to re-touch the points and the problem:

    * On the sharepoints, both SMB and AFP are checked.
    * OD is on.
    * There are several OD users.
    * Users are added to sharepoints.
    * Permissions are propagated after each new OD user that I create and add for experiment.
    * All machines are connected to the sharepoint with a different OD credentials, including the Windows machine.
    * All machines can exchange files around without any permissions problems.
    * OD users from any terminal can create folders and nested folders without an issue.
    * OD users from any terminal can place and delete files within those new directories.
    * If an OD user from a Mac box creates folders, anybody can delete those folders.
    *** If an OD user creates a folder from the Windows machine, only the OD user from that machine can delete that folder.

    Also, and I'm not sure how relevant this piece of information is, there is one other odd behavior: when I'm working at the server terminal as the server admin user, any folder created by a Windows user throws a prohibitory sign. If the same OD user on a Mac makes a folder, the serveradmin can look indie of it no problem. But if an OD user on the W7 box makes a folder, there is a prohibitory sign for the serveradmin looking at the share folder.
     
  3. Les Kern macrumors 68040

    Les Kern

    Joined:
    Apr 26, 2002
    Location:
    Alabama
    #3
    Sounds like the easiest solution is to assign ACL's to the folders for the group or users. I know when I transfer files from Win 10 to my Mac without them it retains the flags from the Windows machines, but when authenticating to my OS X server it changes them.
     
  4. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #4
    By default, SMB clients do not respect ACLs set on OS X shares.
    Try the change in this Apple document to see if it resolves the problem for you. https://support.apple.com/HT203574
     
  5. phospholipid thread starter macrumors newbie

    Joined:
    Dec 12, 2011
    #5
    I tried that once before actually. It didn't have much of an effect. But, that was before we wiped the server clean and completely rebuilt it. I'm a little skeptical that it will have an effect because *files* coming in from the Windows 7 computer can be deleted and edited by other users. It's only when the Windows 7 computer makes a folder that the folder itself can't be deleted. Strangely, when the Windows 7 user makes a folder and puts files in that folder, everybody can manipulate those files. But they can't delete the folder.
    --- Post Merged, Feb 5, 2016 ---
    Hey there. I missed this post. I thought I was doing that, but maybe I'm missing a step. What I've been doing is adding the users to the larger directory in the File Sharing settings, then propagating permissions. Is there another step I'm missing?
     

Share This Page