Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 250
  • Last Modified:

Mac users have access to all mac shares on Windows Server 2003

We are running a Windows Server 2003 domain with active directory. We have a mixture of windows and mac based users accessing shares on the server. Through AD, we have assigned access rights to users to certain files and areas and this is working without issue. The problem that we have is when we create a file share to allow mac users to connect the the server, these same access rights do not carry over, basically all mac users can see all mac shared files and i cannot work out how to limit this. Any help would be greatly appreciated.
Hope i have explained this well enough. Thanks
0
mhannan13
Asked:
mhannan13
  • 5
  • 4
1 Solution
 
KaffiendCommented:
What exactly do you mean by "all mac users can see all mac shared files" ?  

And how are the MAC-based users connecting to the server (by using smb I hope) ?


Control access by using Windows ACLs.  
(MAC-based users can function just fine in a Windows AD environment, as long as they access Windows file shares using their AD credentials)
0
 
nappy_dCommented:
If you are sharing files over AFP(services for Macintosh) for Mac users, the permissions will differ.  Disable SFM and make your user connect via SMB.
0
 
mhannan13Author Commented:
mac users are connecting via smb.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
KaffiendCommented:
Since mac-based users connect through smb, I would suggest you check the permissions structure of the shared folders for clues as to why users seem to have more access rights than desired.
(In other words, from what I can see so far, it is probably not a Mac-specific issue)

Look especially at inherited permissions, perhaps.
0
 
mhannan13Author Commented:
Kaffiend, ill check permissions but i can guarantee that permissions on folders are set correctly for pc based users, no issues with access or deny.
0
 
KaffiendCommented:
If you log on to a PC, using a MAC user's AD credentials, do you still have the same problem where this user can access more than is desired?
0
 
mhannan13Author Commented:
no. it works perfectly, only access to what they should have.
0
 
KaffiendCommented:
Cool, thanks for trying that.  So we can rule out Windows permissions as the problem.

Maybe at some point, admin-level credentials were used to access the folders in question, and these got saved in the MAC's keychain?
0
 
mhannan13Author Commented:
thats an idea, what would i look for? will not be on location again until early next week so i cannot check this now. Thanks for the continued advice.
0
 
KaffiendCommented:
Utilities > Keychain Access
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now