Mac share writeable by more than one group?

[Rob Ellis]

Can I create a mac share that is writeable by more than one group? Not using Open Directory, just native FreeNAS users and groups.

So far, I've
- created two users, one in group 'admin', one in group 'teachers'
- created a dataset 'teachers', share type 'Mac'
- created an AFP share called 'teachers' and set read-write to: @admin,@teachers

This works -- users in one or the other group can both write files -- but only if I set the dataset permissions so that 'other' can write (i.e., perms = 777).

The network share permissions are working ok -- somebody who's not in those groups cannot see the share -- but it seems wrong to have the top directory in the dataset writable by 'other'...?

Any suggestions would be appreciated, I'm just getting into FreeNAS. :)

Thanks.

 

[Ericloewe]

Since AFP is slowly but surely heading the way of the dodo, you're better off using SMB and ACLs. Catch: You need either serious CLI permissions-fu or a Windows client to manage permissions.

 

[Rob Ellis]

You're suggesting using a samba active directory domain controller + windows client to manage permissions for smb shares?

We have all macs on a small network. I don't really want to run windows, and I'd also like to avoid active directory / open directory / ldap if possible. Maybe it's not possible, but it seems like a lot of setup...

Is there a recipe somewhere for making FreeNAS windows shares for macs? Other places I have been reading about needing Avahi. We will need something like that too?

Thanks.

 

[Ericloewe]

No, AD is not required at all.

Is there a recipe somewhere for making FreeNAS windows shares for macs?

???

Make an SMB share and connect to it with Finder or whatever.

 

[Rob Ellis]

It works if I create an smb share and connect to it with Finder's 'Connect to server', but the smb share doesn't show up in Finder by default if I just click on the server name and 'Connect'.

Like I say I'm new to this, not sure what to expect. For our purposes, the shares have to show up clearly and easily in Finder. Maybe there's something else I have to enable?

Thanks.

 

[Ericloewe]

Well, for that you need to setup whatever discovery OS X uses.

 

[nojohnny101]

For best compatibility, like as you described "discoverability" in finder and it "showing up in the sidebar", you need to use AFP. People have been touting the AFP is dead drum for a couple of years now and while this is likely the case, there is still no depreciated performance when you compare SMB and AFP on a Mac.

 

[SweetAndLow]

It works if I create an smb share and connect to it with Finder's 'Connect to server', but the smb share doesn't show up in Finder by default if I just click on the server name and 'Connect'.

Like I say I'm new to this, not sure what to expect. For our purposes, the shares have to show up clearly and easily in Finder. Maybe there's something else I have to enable?

Thanks.

So you still have afp turned on? Osx will only auto discovery one protocol at a time so it's either afp or smb. It defaults to afp so make sure to turn that off for testing.

Sent from my Nexus 5X using Tapatalk