Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


MAC permissions problem with Iomega NAS on Windows Domain

Posted on 2010-11-29
Medium Priority
Last Modified: 2012-05-10
We have a Windows 2003 SBS server and use PCs and MACs. We recently purchased an iomega StorCenter StorCenter ix4-200d to act as our fileserver to take the load off our server.  All seemed fine until the MAC users said they had problems writing to folders, even ones that they had created themselves only minutes before.  After some investigation, it seems that from OS versions 10.6.4 and above, if the MAC is added to the windows domain, the permissions on new folders are set with Read-Only attributes for Everyone, and some of our global User groups.  This can be resolved by logging in to a PC as the MAC user who first created the folder and setting full access again to Everyone and the other groups.  As you can imagine this is painful!  If I remove the MAC from the domain on 10.6.4 upwards, it seems to work fine but I need them on the domain to be able to secure our NAS drive with Active Directory.

Also, I've noticed that below 10.6.4 we can copy files from the MAC's desktop to the NAS by first removing the dotslash files (using Terminal), but on 10.6.4 and upwards, even removing the dotslash files doesn't help and the file copy fails with 'you do not have permission..'

My options seem to be to downgrade all MACs to pre 10.6.4 (not going to go down well) or take them off the Windows domain - not practical.

One more thing - all MACs can copy files absolutely fine to a share on the original Windows 2003 Server.  We are using this as a temporary area for MAC users to get files on to the server.. they copy to the Windows Server and someone on a PC then moves the files on to the NAS for them.


Rich Reeves
Jellyfish Creative
01604 233 933
Question by:rawsharklives
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 15

Expert Comment

ID: 34231314
I think you have two options:
1: contact Iomega for help sorting out the permissions and privileges.
2: mount the NAS to the windows 2003 server and have your macs continue down this route.

Author Comment

ID: 34231455

I will try the iomega route, but as I can get the MACs to work when not on the domain, and PCs work when on the domain, I was assuming they wouldn't get involved.  Worth a shot though.

As to point 2.  Can you clarify what you mean by mounting the NAS to the windows 2003 server?  Do you mean setting up a share on the main server pointing at the NAS?  How would the MACs then access it?

Thanks for your help so far.


Author Comment

ID: 34265020
I'm now logging a call with IOMEGA support once I have the serial number of the drive from the office.  I will let you know if they resolve it and pass on points appropriately.


Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

LVL 15

Expert Comment

ID: 34988168
did this get resolved?

Accepted Solution

rawsharklives earned 0 total points
ID: 34995271
Yes. But not with any help from iomega.  In the end I had to remove the NAS from the Windows Domain and connect to it with local NAS users.  PC users seems to connect ok, and the MACUSER supply a NAS specific user and password and we no longer get the permissions being changed by MACs.

We are still finding folders with messed up permissions and the solution is to copy and paste the entire folder using a PC which resets all permissions.  Then delete the original folder using the NAS control panel itself.

So, no proper Windows Domain support working with this NAS. I'm sure with all MACS or all PCs it would be fine.  It seems to be the mix of the two.

LVL 15

Expert Comment

ID: 34996020
I would request closing this question with you solution as the preferred answer.

Author Closing Comment

ID: 35042271
Could not resolve problem on Windows Domain.  Had to take if off the domain and go about it another way.

Expert Comment

ID: 35285829
I have had a simular problem. I need both MAC and Windows computers to be able to access the NAS device while autenticating to ADS.

After speaking with iomega techs, and having them tell me to only way to have both Windows and MACs access the device was to set it to workgroup modes- not an option for us.

Well, good news!!  --Sort of.  I got to thinking,
While having the NAS setup to access ADS, I enabled the FTP features on the NAS and then installed FTP client applications on the MACS.
Now the Windows and Mac users are albe to authenticate against the Active Directory!

There are just a few minor inconvienences when using this method on a MAC, such as not being able to open a file directly from within an application (perhaps some can recomment a client app that would fix this); and, you need to copy or move the files back and forth.


Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
This article outlines the struggles that Macs encounter in Windows-dominated workplace environments – and what Mac users can do to improve their network connectivity and remain productive.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question