Difference between revisions of "Plugin/webGui/AFP Security Settings"

From unRAID
< Plugin‎ | webGui
Jump to: navigation, search
({{SUBPAGENAME}})
({{SUBPAGENAME}})
 
(4 intermediate revisions by 2 users not shown)
Line 2: Line 2:
 
== {{SUBPAGENAME}} ==
 
== {{SUBPAGENAME}} ==
  
The unRAID AFP implementation supports Guest access and fully supports the three security modes: Public, Secrure, and Private.
+
=== Export ===
  
In general, when you click on your server's icon in Finder, you will be asked to log in as Guest, or to specify a set of login credentials (user name/password).  In order to use Secure or Private security on a share you must have a user already defined on the server with appropriate access rights.
+
The Export setting determines whether this share is exported via AFP (Yes or No). The Export setting also includes a third option (Yes - TimeMachine).  This setting enables various special options for TimeMachine; in particular a "volume size limit". This limits the reported volume size, preventing TimeMachine from using the entire real disk space for backup.  For example, setting this value to "1024" would limit the reported disk space to 1GB.
  
{{Note}} netatalk does not permit the user name <tt>root</tt> to used for log in purposes.
+
{{Note}} Apple recommends not to use the volume for anything but TimeMachine due to the way locks are used.
 +
 
 +
=== Security ===
 +
 
 +
The unRAID AFP implementation supports Guest access and fully supports the three security modes: Public, Secure, and Private.
 +
 
 +
In general, when you click on your server's icon in Finder, you will be asked to log in as Guest or to specify a set of login credentials (user name/password).  In order to use Secure or Private security on a share, you must have a user already defined on the server with appropriate access rights.
 +
 
 +
{{Note}} netatalk does not permit the user name <tt>root</tt> to be used for log in purposes.
  
 
'''Public'''
 
'''Public'''
 
:When logged into the server as Guest, an OS X user can view and read/write all shares set as Public.  Files created or modified in the share will be owned by user <tt>nobody</tt> of the <tt>users</tt> group
 
:When logged into the server as Guest, an OS X user can view and read/write all shares set as Public.  Files created or modified in the share will be owned by user <tt>nobody</tt> of the <tt>users</tt> group
  
:OS X uesrs logged in with a user name/password previously created on the server, can also view and read/write all shares set as Public.  In this case, files created or modified on the server will be owned by the logged in user.
+
:OS X users logged in with a user name/password previously created on the server can also view and read/write all shares set as Public.  In this case, files created or modified on the server will be owned by the logged in user.
  
 
'''Secure'''
 
'''Secure'''
 
:When logged into the server as Guest, an OS X user can view and read (but not write) all shares set as Secure.
 
:When logged into the server as Guest, an OS X user can view and read (but not write) all shares set as Secure.
  
:OS X users logged in with a user name/password previously created on the server, can also view and read all shares set as Secure.  If their access right is set to read/write for the share on the server, they may also write the share.
+
:OS X users logged in with a user name/password previously created on the server can also view and read all shares set as Secure.  If their access right is set to read/write for the share on the server, they may also write the share.
  
 
'''Private'''
 
'''Private'''

Latest revision as of 23:10, 17 July 2011

AFP Security Settings

Export

The Export setting determines whether this share is exported via AFP (Yes or No). The Export setting also includes a third option (Yes - TimeMachine). This setting enables various special options for TimeMachine; in particular a "volume size limit". This limits the reported volume size, preventing TimeMachine from using the entire real disk space for backup. For example, setting this value to "1024" would limit the reported disk space to 1GB.

Note: Apple recommends not to use the volume for anything but TimeMachine due to the way locks are used.

Security

The unRAID AFP implementation supports Guest access and fully supports the three security modes: Public, Secure, and Private.

In general, when you click on your server's icon in Finder, you will be asked to log in as Guest or to specify a set of login credentials (user name/password). In order to use Secure or Private security on a share, you must have a user already defined on the server with appropriate access rights.

Note: netatalk does not permit the user name root to be used for log in purposes.

Public

When logged into the server as Guest, an OS X user can view and read/write all shares set as Public. Files created or modified in the share will be owned by user nobody of the users group
OS X users logged in with a user name/password previously created on the server can also view and read/write all shares set as Public. In this case, files created or modified on the server will be owned by the logged in user.

Secure

When logged into the server as Guest, an OS X user can view and read (but not write) all shares set as Secure.
OS X users logged in with a user name/password previously created on the server can also view and read all shares set as Secure. If their access right is set to read/write for the share on the server, they may also write the share.

Private

When logged onto the server as Guest, no Private shares are visible or accessible to any OS X user.
OS X users logged in with a user name/password previously created on the server may read or read/write (or have no access) according their access right for the share on the server.
Note: Private security is available only with Plus and Pro registration.