I have a few Mac clients connected to a Linux server running Netatalk 3.1.1. The server is connected to an AD domain; the clients are currently not. Previously all users were connecting under a single user account and everything worked relatively well. We attempted to introduce the new concept that every user should have their own account, but we're seeing permissions issues.
The root of the share has some sane ACLs and default ACLs applied which grant the appropriate rights, but OS X thinks everything is read-only and forbids writes. On the local Linux machine, or through a Windows machine (speaking SMB to Samba), writing to the folders works as expected.
I attempted changing map acls = none, thinking it would report no permissions to the client at all, but the issue persists.
I joined a single 10.9 test client to AD and set the LDAP settings in Netatalk. That client can now see the group names that have write permission (AD\foo-w) and running the group command shows that I am a member of that group. However, the 'Get Info' dialog still shows read-only access and Finder forbids writes.
Does anyone know how I can convince the OS X clients that they can write?
0 Answers