Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ignored permissions and empty mounts with 10.2 client

We have two interesting and probably interrelated problem...

Our setup-

OSX 10.1.4 and 10.2.3 servers setup to authenticate with LDAPv2 Directory
Services plugin against our Active Directory. Groups are created in Local
(to the Server) Netinfo database. Home directories are mapped from AD to
the OSX server and shared with AFP.

With a 10.1 or 10.2 client I can authenticate against AD with LDAPv2 on
client, pull home directory via AFP from either the 10.1 or 10.2 server
(whichever is appropriate for user.)

First problem-

Now, having successfully logged in, with the 10.1 client I can access
folder with group permissions granted by the server from its local Netinfo
database. For example, I have a directory filled with everyone's home
directory and a few shared group folders...

/Homes/User1
/Homes/User2
/Homes/User3
/Homes/SharedGroupFolderforUser1and2

With the 10.1 Client, the permissions are respected for the Home
Directories and Shared Folders. With the 10.2 client, the Home Directory
permissions are fine, but the Shared Folder's permissions are ignored and
the clients are locked out of folders that the should have rights to. Why
the difference and how do I fix this?

Second problem, same setup-

With a 10.1 client I can log in and get my home directory from either the
10.1 or 10.2 server via AFP. I can then mount a share point to my client
desktop from the same server that contains the home directories and have
my permissions respected.

With a 10.2 client I can log in and get my home directory from either the
10.1 or 10.2 server via AFP. I can then mount a share point from the same
home directory server, but the share is empty, i.e. shows zero files.

I can log in with a 10.2 client that is logged in with a local (to the
client) home directory and mount both a home directory as a normal share
and others shares and have their permissions respected.

Hopefully, there is a simple, easily deployable fix. It will be spring
break before I have any opportunity to make major changes to servers or a
bunch of clients. We use Microsoft Office and Office has problems with
10.1 and remote home directories (the kernel panic problem (and a real
confidence builder for our 10.1 deployment)) and I would like to get as
many people onto 10.2 as possible (where I haven't seen the kernel panics
with Office, have others?)

- Paul Hildahl
_______________________________________________
macos-x-server mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macos-x-server
Do not post admin requests to the list. They will be ignored.


Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.