MacOS – OSX Server File Sharing allowing more access than configured

Tags: file-sharing, macos, server.app

I am working on a computer used as a server running 10.10.5.

I created folders on the server as follows.

Folder List
Shared-Folder1
Shared-Folder2
Shared-Folder3
Shared-Folder4

User List
UserA
UserB
UserC

Permissions List (Read/write)
Shared-Folder1: UserA, UserB
Shared-Folder2: UserB, UserC
Shared-Folder3: UserA, UserC

When I log in to the server with UserA's credentials from my Windows 10 computer over the network, I see Shared-Folder1, Shared-Folder2, Shared-Folder3.

I made sure that every folder's pre-defined groups in the permissions section are set to "No Access" and that all permissions are assigned by username and not by group.

When I make changes to Shared-Folder2, UserA also sees the changes.

The problem is that UserA should NOT be able to see Shared-Folder2 at all but they clearly have access to it.

Is this a bug in OSX 10.10.5?

Does anybody know how to fix this?

Thanks in advance.


ls -lae "Shared-Folder2" output:

Mini-Server:Raid Storage Admin-User$ ls -lae "Shared-Folder2"
total 16
drwx------+  3 Admin-User         staff   102 Oct 10 16:03 .
 0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
 1: group:com.apple.sharepoint.group.3 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 2: user:UserA allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 3: user:Shared-Folder2 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxrwxr-x  18 Admin-User         staff   680 Oct 10 16:04 ..
-rw-r--r--@  1 Shared-Folder2  staff  6148 Oct 10 16:03 .DS_Store
 0: user:_spotlight inherited allow read,execute,readextattr
 1: group:com.apple.sharepoint.group.3 inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 2: user:UserA inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 3: user:Shared-Folder2 inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity
Mini-Server:Raid Storage Admin-User$

Best Answer

You probably made a mistake and got the permutations wrong.

After creating a new share, use the defaults and set the standard POSIX permissions for the group and everyone to "No Access". Then add the two users (here UserA and UserB) with the + button.

Example: Shared-Folder1

[Screenshot: share permissions]

In the Terminal it looks like this for all three folders:

host:~ admin$ sudo ls -lae /Volumes/Data/Shared-Folder1/
total 0
drwx------+  2 admin     staff  -  68 Oct 12 01:07 .
 0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
 1: user:usera allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 2: user:userb allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxrwxr-x  11 admin  staff  - 442 Oct 12 01:11 ..

host:~ admin$ sudo ls -lae /Volumes/Data/Shared-Folder2/
total 0
drwx------+  2 admin     staff  -  68 Oct 12 01:07 .
 0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
 1: user:userb allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 2: user:userc allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxrwxr-x  11 admin  staff  - 442 Oct 12 01:11 ..

host:~ admin$ sudo ls -lae /Volumes/Data/Shared-Folder3/
total 0
drwx------+  2 admin     staff  -  68 Oct 12 01:07 .
 0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
 1: user:usera allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 2: user:userc allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxrwxr-x  11 admin  staff  - 442 Oct 12 01:11 ..

If you try to access the share from a remote host as UserA, it will look like this on a Mac:

[Screenshot: Access share from OS X]

and a Windows 10 host:

[Screenshot: Access share from Windows 10]
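The answer's check is to read the `ls -lae` output of each share and compare it by eye with the intended user list. The script below is an added example, not code from the question or the answer, that does that comparison mechanically: it parses the ACL entries that `ls -lae` prints for the share directory itself (the "." entry) and reports every entry whose principal is not on the intended read/write list for that share, treating any `group:` entry as unexpected because the policy on this page assigns access by username only. The sample listings embedded in the script are the question's Shared-Folder2 output and the answer's Shared-Folder2 output, copied from this page. Assumptions: the intended user list per share is the one in the question's "Permissions List", short names are compared case-insensitively (the answer's Terminal output shows them in lower case), and the inherited `user:_spotlight` entry is treated as expected because it appears on every correctly configured share shown in the answer.

```shell
#!/bin/sh
# Added example (not from the question or the answer): audit the ACEs that
# `ls -lae` prints for a share's root directory against the intended per-share
# user list, so a share that grants more than intended (as the question's
# Shared-Folder2 listing does) is caught before it is exposed over SMB/AFP.
# Assumptions: input is the text of `ls -lae <share>` as shown on this page;
# only ACEs attached to "." (the share directory itself) are audited; short
# names are compared case-insensitively.

# Intended read/write principals per share, taken from the question's list.
expected_principals() {
    case "$1" in
        Shared-Folder1) echo "usera userb" ;;
        Shared-Folder2) echo "userb userc" ;;
        Shared-Folder3) echo "usera userc" ;;
        *)              echo "" ;;
    esac
}

# audit_acl SHARE LISTING
# Prints one line per ACE on "." whose principal is not in the intended list.
# Every group: ACE is reported, because the policy assigns access by user only.
# Exit status 0 = no unexpected entries, 1 = at least one was found.
audit_acl() {
    share="$1"
    printf '%s\n' "$2" | awk -v share="$share" -v want="$(expected_principals "$share")" '
        BEGIN {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++) ok[w[i]] = 1
            # The inherited _spotlight ACE is present on every share shown on
            # this page, including the correctly configured ones, so allow it.
            ok["_spotlight"] = 1
            in_dot = 0; bad = 0
        }
        # Entry lines start with a mode string such as drwx------+ or -rw-r--r--@
        $1 ~ /^[-dl][-rwx]/ { in_dot = ($NF == ".") ? 1 : 0; next }
        # ACE lines look like: "1: user:userb allow list,add_file,..."
        in_dot && $1 ~ /^[0-9]+:$/ {
            split($2, p, ":")            # p[1] = user|group, p[2] = principal
            principal = tolower(p[2])
            if (p[1] == "group" || !(principal in ok)) {
                printf "%s: unexpected ACE %s%s\n", share, $2, ($3 == "inherited" ? " (inherited)" : "")
                bad = 1
            }
        }
        END { exit bad }'
}

# Sample input 1: the Shared-Folder2 listing posted in the question.
QUESTION_LISTING='total 16
drwx------+  3 Admin-User         staff   102 Oct 10 16:03 .
 0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
 1: group:com.apple.sharepoint.group.3 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 2: user:UserA allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 3: user:Shared-Folder2 allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxrwxr-x  18 Admin-User         staff   680 Oct 10 16:04 ..
-rw-r--r--@  1 Shared-Folder2  staff  6148 Oct 10 16:03 .DS_Store
 0: user:_spotlight inherited allow read,execute,readextattr
 1: group:com.apple.sharepoint.group.3 inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 2: user:UserA inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity
 3: user:Shared-Folder2 inherited allow read,write,execute,append,readattr,writeattr,readextattr,writeextattr,readsecurity'

# Sample input 2: the Shared-Folder2 listing from the answer (correctly configured).
ANSWER_LISTING='total 0
drwx------+  2 admin     staff  -  68 Oct 12 01:07 .
 0: user:_spotlight inherited allow list,search,file_inherit,directory_inherit
 1: user:userb allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
 2: user:userc allow list,add_file,search,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,directory_inherit
drwxrwxr-x  11 admin  staff  - 442 Oct 12 01:11 ..'

# Demo: the question's listing is flagged, the answer's is clean.
if audit_acl Shared-Folder2 "$QUESTION_LISTING"; then
    echo "question listing: clean"
else
    echo "question listing: REVIEW (entries above grant access outside the intended list)"
fi
if audit_acl Shared-Folder2 "$ANSWER_LISTING"; then
    echo "answer listing: clean"
fi
```

On a live server the same function can be fed `sudo ls -lae /Volumes/Data/Shared-Folder2/` directly. Because the check is driven by the intended list rather than by what the GUI displays, it also catches an entry such as the `user:Shared-Folder2` ACE in the question's listing, which the Server.app permissions pane would only show if one scrolled through every row.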