How to ensure newly created files on network drive are read-write for everyone? ------------------------------------------------------------------------ **In brief.** When a user creates a document/file on the network server volume at /users/shared/"M C"/, the document ends up being editable only for the user who created it and Read-Only for everyone else. I need it be editable for everyone. **Specifics** With the client user Mac account 'AAA', a file is created on the networked drive in a folder called 'M C' in /users/shared. **The permissions for that newly created file will be Read-Write only for user 'AAA' and undesirably Read Only for the 2 other users listed: 'Staff' and 'Everyone'. I want it to be 'Read-Write' for everyone** (or preferably for only certain users but I'll settle for everyone right now) Similarly, if a Mac user 'BBB', in the same way as 'AAA', connects to the server and creates a file, it will be Read-Write for 'BBB' but Read-Only for all other users. I need all newly created and edited files to be editable by all users. The files in that directory need be shared. **Environment** The client Mac runs macOS 13 (Ventura). The server runs macOS 12 (Monterey) but may upgrade it soon to macOS 15 (Sequoia). User 'AAA' connects to server using their own (sharing only) Mac account on that server. The folder 'M C' is shared: The folder 'M C' has been added to the list at System Settings > Sharing > File Sharing > Shared Folders. Its 'Get Info' window has 'Shared' ticked. The folder 'M C' has Read-Write permissions listed for the users 'AAA', 'BBB', 'Staff', and 'Everyone'. This is shown in both 'Get Info' window and sharing control panel. **What I've tried already** I applied Read-Write permissions to the folder 'M C' for all users but that doesn't help. The contents are unaffected (as expected). I applied Read-Write permissions to the folder 'M C' for all users and all contents but that doesn't help. Existing files will get Read-Write permissions for all users but thereafter, newly created files will be Read-Write only for 'AAA'. Where possible, I tried making these changes in both the Finder's 'Get Info' window, and the System Settings > Sharing control panel. In the System Settings > Sharing control panel, in desperation, for the folder 'M C', I even secondary-clicked it > Advanced Options > ticked 'Allow guest users', but that did not help. (Other options there are not ticked) I have tried placing the folder in other locations (eg, server's home folder), but it makes no difference and I figure /users/shared/ ought be the safest option for this to work. Can anyone help with this issue?

I've tried all of the advice but none seems to work I have an iMac M1 running Sonoma 14.4 and an older iMac running Windows 10 via Bootcamp. From the M1 iMac, I can see the Windows machine and can access the files but cannot drag files from the M1 to the Mac running Windows 10 From the iMac running Windows 10, I cannot see the the M1 iMac at all. Both show they are connected to WORKGROUP. File sharing is enabled on both machines

Alice and Bob both have MacBooks. There's an always-on mac mini with a 5TB external drive they want to use for Time Machine backups. Bob signs in to the Mac Mini and plugs in the 5TB drive, and creates subfolders for him and Alice, shares them, marks them as "Time Machine backup" folders, and is able to point his MacBook's Time Machine at it no problem. Bob uses the Finder on the Mac Mini to give Alice read and write permissions to her backup folder, but her MacBook balks at doing the Time Machine backup with the error "The backup disk image could not be created." Bob sees he can get Alice's Time Machine backup to work if he signs in to the Mac Mini as himself. Is that the only/optimal way to set that up? Everybody has to connect to the backup host as the same user? Or is there a way for Alice to connect as herself and own her own backup files?

I've done this in the past, but I barely remember anymore. I'd like to augment Active Directory (AD) users so they're able to use network home folders when the log in to Macs; they don't won't use Roaming Profiles, the AD equivalent, so this kinda has to be done in macOS Server. I've found a lot of info about adding the users to Open Directory (OD) groups and on OD groups give access to services on macOS, that is correct for the standard web services (and Profile Manager) it offers but to set a network home folder the options are displayed only in individual users cards in the Server app. Apple's documentation details this but only for other OD server users, not for AD users, it merely mentions the process is called "augmenting". Using the Server app I tried exporting the AD users (completes successfully) and then importing the users to OD but that part completes, shows no errors whatsoever but also doesn't import anything. Then I tried importing the very same list that wouldn't import in OD in the local directory (local accounts) which completed just as the failed import but this didn't fail. I got all users from AD in the local directory which is useless for this purpose. That said, the home folder drop down becomes available for local users so I tried making it work but failed. > With a proxy, I intercepted the address for Server app's help contents . Like macOS it has been dumbed down and has become less useful each iteration, so I'm lowering the number in the address bar to go back to other versions hopefully there's something. I'm only getting started though and it was *really* slimmed down for real. It'll take a while to fine anything on my own at this pace. Using Profile Manager's mobility payloads I tried setting the network home folder buy it broke down the address, starting from the scheme (smb://), into a UNIX-style path starting with // that threw me off to the wrong path because that is actually valid in some cases, like smbfs which happens to be the protocol used to mount the home folders, but what it actually did was to create a weird path on /. It didn't begin with // at all, but as you probably know, Apple tends to hide things from the user to make it more "presentable", to put it some way. I could try creating the users manually with throwaway passwords but I don't know how to keep them, or even put them in sync so that data still comes from AD, and lastly, there this user with a single character username where OD requires at least 2-character usernames, the only way I to create that in OD I think is using some automated method of creating the users, like importing it (which was successful on the local directory) otherwise it can't be created. I appreciate your advice on this. I just converted a disk from APFS to HFS+ so it can be shared over AFP, just in case it's needed. Environment ----- All Macs are the same major, minor version of **High Sierra**. There are newer systems but all will be reverted back to High Sierra eventually. Kerberos is working correctly, services are kerberized, Macs have no problems using *Windows Integrated Authentication* on this like SMB3 shares or SSO into other non-Windows servers/services, e.g; Cockpit .

I need a Mac that is often offline for confidentiality. Is it possible to store an Admin or General User account on an external disk which I could only login to when plugged in? In my instance it's not as simple as just storing documents/apps/libraries on an external disk; I need the dynamics of an entire account. A variation of this I'm opposed to is logging in through a local network account server I make and then unplugging the disk when not in use, problem being that it opens more vulnerability's than logging into an account on a thunderbolt connected disk; so one might think this isn't an unheard of solution. This would be far less of a hassle than having to manage security precaution and system updates on another Mac.

My computer is hooked up to a school domain, and a few people used it to log on. Now, the accounts of the other users are still here. I don't have any of their files, but just the empty shell accounts OS X creates by default. It's still about 250MB per user (from the default stuff OS X puts in, plus caches they used while browsing etc.). Can I delete these user folders safely (with sudo)? Or do I need to do some Directory Services magic to make sure OS X knows the users are gone? EDIT: The users aren't in my "/Search/Users" DirectoryServices list, nor are they in /etc/passwd. Their user folders are shown as being owned by numeric IDs, rather than their actual names.

I have an old MacBook Pro (Mid-2010 13″, 2.4GHz Core 2 Duo, 8GB 1067MHz DDR3) that I’m trying to set up for my daughter to use for covid-induced home school. I replaced the old HD with an SSD and gave it a brand new install of macOS High Sierra—nothing fancy, nothing imported; just a nice, new, clean install. I created a local admin account and it runs beautifully. But of course, it couldn’t be that simple. My family uses network accounts from a Mac mini server that doubles as our file and media server. This allows us to log into any computer in the house without worrying about what’s where. The accounts just work, never any problems. But for some reason, when I logged my daughter into this brand new, perfectly clean computer, everything was *s-l-o-w*. Like, crazy slow: click a button and nothing happens for 10-15 minutes slow. Anyone have any ideas? As I said, the local account works beautifully on the MBP, and the network accounts work beautifully on every other machine in the house. It’s just the confluence of this particular MBP and the network accounts that’s problematic. Thanks!

I have a number of iMacs running Sierra/High Sierra/Mojave, which I'm adding to a client's Windows Active Directory. Everything is going well, but I've hit a tiny snag that I can't work out. I have one iMac, running Mojave, that I have previously logged into with my AD account with no issues. It is possible that I left the screen locked and myself logged in, and then subsequently have changed my account password. Now I am unable to log back into the iMac - just get the shakey password. The machine has been rebooted a number of times since. I've tried removing the user profile for my account from the Users folder - no difference. I've tried unbinding the machine from the AD and rejoining, but no dice. I can log in with other AD accounts, so it's clearly not an issue with the binding. I can log into the machine over SSH with my domain account creds, and authenticate administrator actions if logged in as a non-admin user with them too, so clearly the machine knows my creds are good and that I'm an administrator. It's like there's something cached that needs cleared out, but I'm lost as to what. I'd greatly appreciate any advice - I don't want to have to deal with Users having the same issue in the future without a way forward.

My work MBP has been set up as a standalone device, but now needs to join the corporate network. Is there a way to copy my entire user profile (apps, config, terminal settings etc) to a new device (the same device, having been wiped) with a *different* username? (e.g. domain\dunc) The new user account will already be created on the "new" device, and I don't have the ability to change this.

I just upgraded to macOS High Sierra and now I am not able to login using network account. However, I am able to unlock the FileVault2 volume using the old credentials but then it asks for credentials again. On login screen, I see a red dot beside username saying network accounts are unavailable I have two accounts on my machine. One network account with admin privileges and a local account with standard privileges. I am able to login using local account but not with the network account. I have FileVault recovery keys, will it help? I am using MacBook Pro mid 2015 series.

I set up a bunch of users on my OS X Server 3 (Mavericks) requesting they reset the temporary password I gave them. However, no one is able to do that: when connecting via AFP for the first time, they enter their temporary password and are asked to change it, but the form does not accept any value. I don't know if it doesn't accept the current password or the new passwords but I suspect the first: any subsequent login doesn't accept the old password and refuses to even show the change password form. GV jan 13th: We are having the same issue; Our admins do not seem to have this problem, the weird thing is only the other users have this issue.

I have a Mac OSX. My network is not showing up on my list of networks. I am able to get online on this computer but not on the other computers in the house connected wirelessly. This has been the case today but was not this way before.

I have a user who is having difficulty opening Safari on one particular client machine. They have tested it on all other client machines in the same office and it works without issue, but this one machine will not have it. It stopped working half way through the day without any changes taking place. I initially thought this might be because all user homes are located on a network server running in Server.app, but I haven't seen any documentation suggesting that this may be the case. Steps taken so far: * [Deleting the saved state and caches.](https://apple.stackexchange.com/questions/178294/apple-safari-mac-os-x-10-10-2-will-not-open) * [Clearing history, lastsession, metadata cache and cookies.](https://discussions.apple.com/thread/5191624) * Restorying the ~/Library/Safari directory from time machine. * Restorying the entire ~/Library directory from time machine. None of these steps have made any difference, Safari just will not open on this one machine. Sadly I haven't been able to look in person, and wouldn't know where to begin with diagnosing over the phone without the ability to just poke things. Has anybody come across anything similar to this before or know where to look to try and find the issue?

I have a Macbook air 11 inch early 2014 with Mac os X 10.11.5 installed. I can't send or receive from my mac to any other iOS device. If I want to send something to my iPhone, the iPhone never scans and shows up on my mac, and If I want to send something from my iPhone, like a photo, the mac doesn't show up on my iPhone. I have followed a lot of fixes on apple discussions and other websites but non seem to work. I'd be very grateful if anyone would help me.

I am running Mac OS X 10.8 Server with File Sharing and Open Directory providing home directories to network users, so when users log in their home directory is automatically mounted over AFP. Is it possible to enable "Legacy" FileVault (FileVault 1) where the user's home directory resides inside an encrypted DMG sparsebundle when the user is an Open Directory user whose home directory resides on a network share? I know this could be done in 10.6 server for mobile clients but I do not know if it can be done in 10.8 server.

Is it possible to migrate Active Directory network accounts from one Mac to another with Migration assistant? They don't show up in Migration Assistant; only the local accounts do.

I'd like to be able to link an LDAP server to Mavericks to permit users to login with their LDAP credentials. I have the following problem: Although I know the fully qualified DN for a user (in the form cn={username}, ou=USERS, o=ORGNAME), I cannot lookup an attribute of password for the user. (This may be anticipated.) The user can authenticate against the LDAP server though. I have managed to link the LDAP account in Directory Utility, and do actually get a list of users in the "Directory Editor" but I have no idea how to actually propagate that into the system. Specifically (as this is an OS X Server install) I wish to import them in the Server admin app, so LDAP users can log into wiki's, etc. In the Server app, no users appear in the User browser. In advance, I know that that DN looks like an AD DN, it is. However, this server is not on the domain and I do not have domain or LDAP admin rights, so this authentication needs to happen without that. Can someone guide me into how to configure this? I've spent some time with Google, but either I'm searching for the wrong thing (possible) or none of the results help.

I have a way to list all the accounts in Mac via terminal using the dscacheutil command. Is there any way to get to know if a particular account is a mobile account or not from the terminal?

I work in a company which manages IT for several customers (mainly for Apple OS X deployments). Some of them have more users than computers, so they need some form of "movable" home directory (so the user's bookmarks, settings and so on stay while he changes computers). I remember that this worked relatively well in OS X 10.6.X and wasn't so hard to set up. I now tried (in different configurations) to get it working in OS X 10.10.X and OS X 10.11.X but never really got it working in a stable way. Here are the different ways I tried it (for both: OS X 10.10 and 10.11): - Open Directory server on OS X Server and userhome-location on the OS X Server - Issue: The keychain-items do not get synchronized. Other files get synchronized (but the keychain-not-syncing is a showstopper) - Active Directory, userhome-location on the OS X Server or on a synology file server (AFP or SMB) or on the windows server: - same issue as with "pure OD": Keychain does not get synced. Additionally, many other files do not get saved correctly or with incorrect permissions. - general Issue: Some applications do not work well with network homes (for example the mac built-in unzipper) Because of those problems, I decided to try to get it working with synchronized mobile homes. Here, the user home is copied locally and upon the user logging out, the changes are written to the server. The general observation is: - it is incredibly slow (2 Minutes for 3MB are nothing special, and this on a Gigabit-LAN!) - There are many synchronization errors or wrong file permissions Here are the combinations I tried for synchronized mobile homes: - OS X Open Directory Server, Storage location on the OS X Server - OS X Open Directory Server, Storage location on the Synology Server (AFP and SMB) - Active Directory Server, Storage location on the Synology Server (AFP and SMB) - Active Directory Server, Storage location on the OS X Server (AFP and SMB) - Active Directory Server, Storage location on the Active Directoryy Server (SMB) I ask myself if it is even possible to get it working. I tried 3 times, always with those (or comparable) results. Also I let colleagues check my DNS, NTP and networking settings - no problems there. I'd be realy happy if someone who's experienced with that topic could answer and even if it's a "no it's not possible anymore". Regards Christian

I need to send a colleague a relatively large application (>5GB), and was thinking of how I could go about sending it. Cloud-based services such as DropBox won't work because the file is much bigger than the storage, Gmail won't allow me to send files larger than 25Mb, and using a regular USB Flash Drive would take much too long. What I want to know if it is possible to transfer the files between the two computers without needing to be on the same network (For reference both of us are using MacBook Pro's, and we're a couple of states apart). I've tried using telnet, ssh, and ftp, but it seems that all of them require the two computers to be part of the same local area network (I was trying to have the other end connect to my computer by giving them the IP address of my computer). I was wondering if it were possible to somehow make my MacBook act as a server, have the other end connect, and then transfer the files. Is something like this feasible? Thank you in advance!