[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Mac server permissions inheritance

Posted on 2012-03-21
Medium Priority
Last Modified: 2012-06-27
I have inherited a Mac server 10.7.3 which was put in place around Christmas. Everything with Mac clients connecting was working fine and no issues accessing files/folders. A few weeks ago 2 new Mac's with 10.7.3 were introduced into the network and since then we have started having permissions issues. There are 5 other Mac still accessing the server with either 10.5 or 10.6 as the OS. This is on a Windows network and I have not added directory lookup on the Mac server for Active Directory as it was not set up before. All user accounts on workstations are also created on the server with matching login credentials. If user A creates a file and saves it to the network share and user B attempts to open it they get access denied. Checking permissions on the file and it shows Read Only. I can apply the correct permissions and it will work. I have gone through the Server App and applied the correct permissions on the Share Point and from Finder checked the shared folder and its permissions where they display correctly. I have even applied said permissions to all containing folders.
I am a Windows person first so I think I could easily correct the issue by reapplying the permissions or setting inheritance correctly. I am new to Mac's and searching the internet has turned up little by way of resolving the issue. Any insight would be greatly appreciated.
Question by:CNEAdmin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 13

Accepted Solution

maximus5328 earned 2000 total points
ID: 37757440

Author Comment

ID: 37763452
Permission screen shotThe information provided was helpful but as you can tell from the attached image the permission editing is not available for all groups, specifically staff/administrator. I created the group RMA-Creative and can see the permission levels you were mentioning. Even after creating that group and adding the users to the group then creating a folder on the server it did not inherit the permisssions. What I am not sure of is why the group staff does not have the granular permissions available. Should I remove the staff list and only use the newly created group RMA-Creative since there seems to be some oddities with the staff group?
LVL 13

Expert Comment

ID: 37763554
"What I am not sure of is why the group staff does not have the granular permissions available." - administrator, staff and Others are POSIX permissions (aka "traditional Unix permissions") that do not support inheritance.

"Even after creating that group and adding the users to the group then creating a folder on the server it did not inherit the permissions." - Inherited permissions should apply to newly created items but not to existing ones. You should propagate permissions once after changing them on a parent folder.

"Should I remove the staff list and only use the newly created group RMA-Creative since there seems to be some oddities with the staff group?" - you can't and you shouldn't.
Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.


Author Comment

ID: 37765292
If the built-in groups do not support inheritance do you have any idea why the permissions are not being propagated. I have forced the permissions several times from the parent share to all items contained. If I have done this once then any new files/folders should be receiving the inherited permissions. The issue is that they are not a new file/folder is only allowing the creator read/write access. The new files have to have permissions assigned after creation. There have also been instances where an existing file has been modified and saved only to have its original permissions of read/write for staff be changed to read only and then permissions have to be updated again. I think I have covered all the permissions entries yet the inheritance is not propagating to new files.
LVL 13

Expert Comment

ID: 37765997
Can you submit a screenshot of permissions on a child folder? I am assuming that the permissions on your first screenshot still active on the parent.

Author Comment

ID: 37771325
Users indicate that after creating the new user group that they are not experiencing issues. I am in their office today and will perform some further tests. I will upload the picture if the issue is not resolved. Maximus5328 I appreciate your input as the viewing of granular permissions led me to what may be a resolution.

Author Closing Comment

ID: 37781471
The image was very valuable in leading me to see what I was missing

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we discuss how to recover the missing Outlook 2011 for Mac data like Emails and Contacts manually.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question