macintosh, Access rights of a Macintosh on a Windows share

microsoft.public.win2000.macintosh - Microsoft Windows 2000


macintosh >> Access rights of a Macintosh on a Windows share

by Tmljb2xhcyBIZXllcg » Fri, 22 Apr 2005 21:26:03 GMT

Hello

I have installed the UAM client to all our Macintosh clients. They can use
their AD credentials to access shares on a windows member server. I found
also out that I had to set a "Primary default group" in order for our MAC
users to have "better" access rights than those of the "domain users" group.

But even after changing the "primary group" of a MAC user and even after
assigning NTFS rights to the user directly, the share properties show only
"domain user" rights" (that meens "Read" rights only while he was allowed
"Modify" NTFS rights through a specific group set as primary and even
"Modify" for the user itself).

What is wrong ? Are the NTFS rights the correct way to set access rights for
MAC users or should I only define "Share" rights ?

Thanks for any reply
Nicolas

Top

macintosh >> Access rights of a Macintosh on a Windows share

by William Smith » Sat, 23 Apr 2005 10:28:55 GMT


In article < XXXX@XXXXX.COM >,



Hi Nicolas!

You're modifying rights on the server using ACLs (Access Control Lists)
and Macs don't support this... yet. Tiger, which will be released later
this month is suppose to be fully compatible with Windows ACLs.

Modifying the various properties of an object on the server side can
product bizarre permissions results on the Macs, which only understand
three levels of permissions: owner, group and everyone.

Share your Mac volume from the server then go to a Mac, log in as the
owner and set your permissions that way.

I typically make Administrators the owner. I put those who need
read/write access into a global group nested into a local group specific
to the volume and select that at the group for the volume and then set
Everyone to either read only or no access.

Hope this helps! bill
--
William M. Smith
(Microsoft Interop MVP)


Top

macintosh >> Access rights of a Macintosh on a Windows share

by Jim Seifert [MSFT] » Tue, 26 Apr 2005 00:55:28 GMT

What OS are the clients running and are the Mac shares also Windows shares?

I ask because OS X clients can access Windows shares and will use those
permissions sets or they can connect using AFP and use the Mac (SFM)
permissions. This can get very complicated quickly as settings for AFP
(SFM) and Windows shares are not the same and clients may connect with
either. Installing the UAM does not guarantee that OS X clients will not
connect to Windows shares nor does it guarantee that they will not connect
to a Windows share if the same folder is shared to both AFP(SFM) and Windows
clients.

The easiest way to administer this is be sure the shares are Mac or Windows
only to avoid the multiple connection types.


--
Please do not send e-mail directly to this alias. This alias is for
newsgroup purposes only.
This posting is provided "AS IS" with no warranties, and confers no rights.





Top

Access rights of a Macintosh on a Windows share

by Tmljb2xhcyBIZXllcg » Thu, 28 Apr 2005 17:24:14 GMT

Thanks a lot.

As you wrote it, I connected to the shares using an administrator account on
my MAC and set the rights from the MAC. I did it some days ago, tested it and
noone did complain til now. So I think this is THE solution.

Regards
Nicolas





Top

Access rights of a Macintosh on a Windows share

by Tmljb2xhcyBIZXllcg » Thu, 28 Apr 2005 17:30:03 GMT

Thanks

I did just share the Mac part und did exactly what William wrote in the
first answer and that seems to work.

REgards
Nicolas






Top
Similar Threads

1. Canoot access an AD PDC but can access any other PC sharing from an OSX Macintosh - Macintosh

2. Windows 2003 & Macintosh G3 OS X version 10.2.8 Share Access 

I am having problems sharing a folder (& contained files) on a Windows 2003 
Standard Edition Server so that a Mac can access using the "Connect to 
Server" feature.  The Mac can get all the way to "seeing" the domain and 
server, but cannot authenticate (failure errors are 5000 and 5023).  Here is 
a additional info:
1.  I am able to browse using the Connect to Server to "smb//192.168.3.3".  
This is my Windows 2003 server.
2.  When I click "Connect", I get a nice logon prompt that asks for three 
items:
          a.  Workgroup/Domain (it is already filled in with my netBIOS 
domain)
          b.  Username
          c.  Password
I have tried entering username and password in many forms, but it fails 
every time with the above error codes.  One of my Mac friends says that this 
should work with Windows 2000 Server, but he has heard there are more issues 
with Windows 2003.
My AD domain is "sonompins.corp".

Any help would be appreciated.
-- 
Thank you,
Mike

3. Windows 2003 Share & Macintosh G3 OS X version 10.2.8 Access

4. accessing shared drive on Macintosh 

is there an easy to follow document anywhere on how to share a drive from a 
Macintosh to the rest of a SBS2003 network.

I have a network consisting of Server, 10 PCs and 1 Mac.  The Mac 
essentially is just a standalone PC.  It does have a network connection in 
order to get access to the internet via the server, but all it's data etc is 
stored on the machine itself.

I would like to set the external 500GB hard disk of the Mac to be shared so 
the rest of the network can see it.  Any help greatly appreciated

Jon

5. Sharing info between Windows and Macintosh computers

6. unable to access the shared portions of the Windows XP computer due to user right restrictions 

I can ping my computers put my xp laptop is not part of my 
workgroup......I was told there is an issue with local security policy 
settings....any idea what I need to change.......it has everyone and 
users listed now so I am confused.......thanks

7. Windows 2003 Share & Macintosh G3 OS X version 10.2.8

8. Can't access windows file shares (file, printer, etc..) 

I'm the only Windows computer in an (hostile ;-) MacOSX environment.
With my windows computer I'm successfuly able to mount MacOSX directories 
into network drives.

However I can't access my windows network shared from Mac ;-(
Even if I try connect to: IP address it doesn't work (the server may not 
exist error!!!)

The worst of it it used to work but then we had some network problem.

Anyway, any ideas?