Re: [cifs-discuss] Connecting to CIFS with MAC OSX 10.6

Thu, 25 Feb 2010 14:35:23 -0800 

Hi,
I know this is a Mac Finder problem, but I'd just like to share our final solution, in case anyone else gets bitten by this. Our Macs were bound to our Windows Active Directory server for authentication. 
When not bound to AD, ah!! ACLs, Finder, etc behaves as it should.
I can offer no technical explanation for this. Your guess is as good as mine. 


We are now binding our Macs to "Sun Directory Server" for 
authentication, and it all fits.

Me, my boss and colleagues are very happy.


PS: PSARC 2010/029 looks very cool, and I look forward to it's 
implementation.

It will dispell much confusion with ACLs.

Cheers
John


Alan M Wright wrote:

On 02/23/10 02:02, Ryan John wrote:

Hi,


Further mucking about with this shows I've still got a problem 
connecting from a Mac, even at 10.5.8
If there are any trivial ACLs on a directory, such as you get if you 
create the directory via NFSv3, the Mac is denied,(or denies

itself) access.
This set doesn't allow access from a Mac, but does from Windows:
# ls -lVd createdViaNFS
drwxrwx---+  5 ryanj    user-group       5 Feb 23 10:41 createdViaNFS
    group:BSSE-NASadmins:rwxpdDaARWcCos:fdi---I:allow
    group:BSSE-NASadmins:rwxpdDaARWcCos:------I:allow
          group:bsse-it:rwxpdDaARWcCos:fdi---I:allow
          group:bsse-it:rwxpdDaARWcCos:------I:allow
                 owner@:--------------:-------:deny
                 owner@:rwxp---A-W-Co-:-------:allow
                 group@:--------------:-------:deny
                 group@:rwxp----------:-------:allow
              everyone@:rwxp---A-W-Co-:-------:deny
              everyone@:------a-R-c--s:-------:allow

Whereas, this set allows access from the Mac:
d---------+  5 ryanj    user-group       5 Feb 23 10:41 createdViaNFS
          group:bsse-it:rwxpdDaARWcCos:fd-----:allow
    group:BSSE-NASadmins:rwxpdDaARWcCos:fd-----:allow


If there are trivial ACLs on a directory, they need to be set to rwx 
for everyone, for a Mac user to be able to create a directory.



This is really blocking my progress, as we've got a really mixed 
environment here.


You probably need PSARC 2010/029, which I think has been approved
but not delivered yet.  I don't know what the schedule is for
that case.

Alan





Attachment:
smime.p7s

Description: S/MIME Cryptographic Signature


_______________________________________________
cifs-discuss mailing list
cifs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/cifs-discuss






















					Reply via email to