Have a MacStudio running system 13.3.1 set up as a file server. It is bound to an Open Directory server. Using TinkerTool as a GUI to set/update permissions of the shared files/folders.
Everything works fine (as long as a monitor is connected) except when updating directory groups.
When I add a new user to a group that has permission to a shared folder, that new user is not allowed access. I check Directory Utility on the Studio, and the new user is in the group.
I check effective permissions with TinkerTool and everyone else in the group has the proper permissions, but the new user is denied. Also verified by logging in as the users. The directory group is assigned as an ACL on the folder.
Here is how the permissions are set on the folder being shared:
drwx------+ 13 xxxxxxxx staff 442 Apr 21 07:55 Samples
0: group:executive allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,limit_inherit
1: group:samples allow list,add_file,search,delete,add_subdirectory,delete_child,readattr,writeattr,readextattr,writeextattr,readsecurity,file_inherit,limit_inherit
2: user:xxxxxxx allow list,search,limit_inherit
The new user is part of the group "samples" verified with Directory Utility.
A restart I believe will fix this, but it shouldn’t be necessary and restarting a live server while everyone is using it is no good. It appears something isn’t being updated, or a cache isn’t being cleared.
Anyone have any ideas?
New information: If it is left over night it fixes itself. Having to wait 24hrs for permissions to set isn't ideal.
