- Challenges of File Sharing
- Different Protocols for Different Clients
- Planning File Services
- Using Apple Filing Protocol
- Configuring Apple File Service
- Monitoring AFP Activity
- Using Windows File Service
- Configuring Windows File Service
- Configuring Access and Starting Windows File Services
- Using NFS Share Point Access
- Configuring NFS
- Using FTP File Service
- Configuring FTP Service
- Network-Mounted Share Points
- Preparing for a Network Home Folder
- Configuring Network Mounts
- Controlling Access to Shared Folders
- Troubleshooting File Services
- What Youve Learned
- References
- Chapter Review
Configuring Apple File Service
Use Server Admin to make a folder on your server computer and share it via AFP.
Set Up a Folder for Sharing
Before a folder can be shared via any protocol, you must set it up for sharing.
- On your Mac OS X computer, open Server Admin, connect to your server with its DNS name, server17.pretendco.com, as ladmin (password: ladmin).
- Select the AFP service for your server in the left column.
- Click Share Points in the toolbar.
- Click Volumes, then click Browse.
- On your boot volume, navigate to Shared Items, click New Folder, name the folder Apple File Services, then click Create.
- Select the Apple File Services folder.
Be sure to click the right folder before you set it as a share point in the next step.
- Click the Share button in the upper-right corner, then click Save.
This item is now shared. By default, Mac OS X Server shares items over AFP and SMB only. Because you want this item to be viewable only by your Mac clients, you’ll modify the default setting so that the item is shared only via AFP.
- Click the Protocol Options button in the Share Point pane at the bottom of the window, and under AFP make sure that “Share this item using AFP” is enabled (it should be enabled by default).
- Select the checkbox labeled “Allow AFP guest access.”
This allows users to connect anonymously, provided the AFP service is configured to allow guest users.
- Change the AFP name to Corporate AFP Server.
This is the name that will be given to the volume when client computers connect to it, while preserving the original folder name when viewed from the server. On your server, you’ll want to be sure to choose names for the shares that correlate to their use. You may also want to retain the original folder name as the AFP name to avoid confusion between the name of the folder when viewed from the server versus when remotely connected from a client computer.
- Click the SMB tab next, and deselect the “Share this item using SMB” checkbox.
- Click the FTP tab next, and confirm that the checkbox labeled “Share this item using FTP” is deselected.
Click OK to dismiss the pane, then click Save in the main Server Admin window.
Now your shared folder named Apple File Services is visible only to Mac clients using AFP. No action needed to be taken in the FTP and NFS panes because share points are not exported as FTP or as NFS shares by default.
Configure and Start AFP Service
Because you want to share this folder using AFP, you must configure AFP service with Server Admin, and then start the AFP service.
- In Server Admin on your Mac OS X computer, select the AFP service, then click the Settings button in the toolbar.
If the AFP service isn’t listed, you must first add it by choosing Add Service from the Action pop-up menu in the bottom-left corner of Server Admin.
- Click the Access tab, choose Any Method from the Authentication pop-up menu, and select the “Enable Guest access” option. Click Save.
- AFP should already be running from previous exercises. If it isn’t, start it by clicking the Start AFP button.
- On your Mac OS X computer, switch to the Finder and use Connect to Server to connect to your server at server17.pretendco.com.
- Connect as a guest user.
- Select the Corporate AFP Server share point and click OK.
The Corporate AFP Server share point should open in your Finder as a folder.
Note that an icon for the network volume does not appear on your desktop, but an eject icon does appear next to your server in the Finder window sidebar.
- Unmount the Corporate AFP Server share point.
Restrict Access to Files
Now that you have shared the Apple File Services folder, modify the permissions to restrict access to the files.
- On your Mac OS X computer in Server Admin, click the File Sharing button in the toolbar, and then click the Share Points button, followed by the Browse button. Select the Apple File Services share point.
- Click the New Folder button in the upper-right corner of Server Admin and create a folder inside Apple File Services called
Press Releases. Click Save.
You can create folders and share points using Server Admin without actually going to your server computer.
- Create a second new folder inside Apple File Services called Snow Leopard Development. Click Save.
- Click the Snow Leopard Development folder in Server Admin.
- In the Permissions pane, change the POSIX permissions as follows:
- Owner: student1, Read & Write
- Group: admin, Read & Write
- Others: No Access
- Click Save.
Set Other AFP Options
You now have a basic AFP share ready for use. However, it’s possible you may need to set some additional settings. Next, you’re going to look at the various other options you can configure for an AFP share.
- In Server Admin, select the AFP service and click the Settings button in the toolbar.
- In the General pane, type some text in the Login Greeting box.
This message will be displayed to each user who connects to the Apple File Service on your server. If users don’t have to see the message every time they connect, you can configure the Apple File Service to display it just once for each user.
- Select the checkbox for “Do not send same greeting twice to the same user.”
Users will now see the message the first time they connect. They won’t see a message again until you change the greeting.
- Click Save.
- Click the Access tab.
- Select “Enable administrator to masquerade as any registered user” if it isn’t already selected.
With this option enabled, you can simulate another user’s access: You can authenticate to the AFP service by providing the other user’s name, then providing any administrator’s password. This is helpful when troubleshooting permissions issues.
Limit Concurrent Users
In some cases, it may be useful to put limits on the number of users who can be connected to your server at any one time. This can be particularly useful if your server isn’t very powerful, or if you have a very slow network connection. In most cases, you’ll always want to set the number of maximum connections to a number higher than the number of guest connections to leave room for real users to connect to your server.
- Under Maximum Connections, change the setting for Guest Connections from Unlimited to 3.
- Change the setting for Client Connections to 10.
This limits the number of users who can be connected to the Apple File Service simultaneously to 10.
Of the 10 possible users who can be connected at one time, only 3 of them can be connected anonymously.
- Click Save.
Keep Error and Access Logs
Logs are critical assets for diagnosing any problem, including AFP issues. Certain laws or company policies may also require you to keep logs of activity on your server. Configuring your server to create error and access logs is done through Server Admin as well.
- Click the Logging tab.
- Select every checkbox.
- Click Save.
This will enable all the possible logs, including both access and error logs. This will save information about such actions as when a user connects to your AFP server (Login), disconnects (Logout), reads or copies a file (Open File), creates a new file or folder, or deletes a file or folder. Additionally, there is a setting to archive the logs after a specified number of days. This is useful on a high-traffic server where the logs would otherwise grow too large and possibly fill your disk.
Use Your Server for Time Machine Backups
Normally, for Mac OS X you would configure Time Machine to back up to a second hard drive directly connected to a given computer. However, you can use a remote AFP share for this purpose as well by selecting the “Enable as Time Machine backup destination” option in a share point’s Share Point pane.