Mac server permissions inheritance

Posted on 2012-03-21
Last Modified: 2012-06-27
I have inherited a Mac server 10.7.3 which was put in place around Christmas. Everything with Mac clients connecting was working fine and no issues accessing files/folders. A few weeks ago 2 new Mac's with 10.7.3 were introduced into the network and since then we have started having permissions issues. There are 5 other Mac still accessing the server with either 10.5 or 10.6 as the OS. This is on a Windows network and I have not added directory lookup on the Mac server for Active Directory as it was not set up before. All user accounts on workstations are also created on the server with matching login credentials. If user A creates a file and saves it to the network share and user B attempts to open it they get access denied. Checking permissions on the file and it shows Read Only. I can apply the correct permissions and it will work. I have gone through the Server App and applied the correct permissions on the Share Point and from Finder checked the shared folder and its permissions where they display correctly. I have even applied said permissions to all containing folders.
I am a Windows person first so I think I could easily correct the issue by reapplying the permissions or setting inheritance correctly. I am new to Mac's and searching the internet has turned up little by way of resolving the issue. Any insight would be greatly appreciated.
Question by:CNEAdmin
  • 4
  • 3
LVL 13

Accepted Solution

maximus5328 earned 500 total points
ID: 37757440

Author Comment

ID: 37763452
Permission screen shotThe information provided was helpful but as you can tell from the attached image the permission editing is not available for all groups, specifically staff/administrator. I created the group RMA-Creative and can see the permission levels you were mentioning. Even after creating that group and adding the users to the group then creating a folder on the server it did not inherit the permisssions. What I am not sure of is why the group staff does not have the granular permissions available. Should I remove the staff list and only use the newly created group RMA-Creative since there seems to be some oddities with the staff group?
LVL 13

Expert Comment

ID: 37763554
"What I am not sure of is why the group staff does not have the granular permissions available." - administrator, staff and Others are POSIX permissions (aka "traditional Unix permissions") that do not support inheritance.

"Even after creating that group and adding the users to the group then creating a folder on the server it did not inherit the permissions." - Inherited permissions should apply to newly created items but not to existing ones. You should propagate permissions once after changing them on a parent folder.

"Should I remove the staff list and only use the newly created group RMA-Creative since there seems to be some oddities with the staff group?" - you can't and you shouldn't.
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails


Author Comment

ID: 37765292
If the built-in groups do not support inheritance do you have any idea why the permissions are not being propagated. I have forced the permissions several times from the parent share to all items contained. If I have done this once then any new files/folders should be receiving the inherited permissions. The issue is that they are not a new file/folder is only allowing the creator read/write access. The new files have to have permissions assigned after creation. There have also been instances where an existing file has been modified and saved only to have its original permissions of read/write for staff be changed to read only and then permissions have to be updated again. I think I have covered all the permissions entries yet the inheritance is not propagating to new files.
LVL 13

Expert Comment

ID: 37765997
Can you submit a screenshot of permissions on a child folder? I am assuming that the permissions on your first screenshot still active on the parent.

Author Comment

ID: 37771325
Users indicate that after creating the new user group that they are not experiencing issues. I am in their office today and will perform some further tests. I will upload the picture if the issue is not resolved. Maximus5328 I appreciate your input as the viewing of granular permissions led me to what may be a resolution.

Author Closing Comment

ID: 37781471
The image was very valuable in leading me to see what I was missing

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

This article will cover some tips for successfully installing the new update to OS X; 10.5.7. Although the information contained within could be used for any OS X point release.  Please note that this information applies to point releases to a parti…
In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now