Our file server and 70+ clients are all using 10.3.9. The file server is set up as a standalone server with NetInfo, and there are only two accounts: joeadmin and joeuser. There is one group named joeusergroup. The volume is set as a sharepoint owned by joeadmin and joeusergroup. Folders inherit permissions (not Unix behavior). Multiple logins are permitted and everyone logs in as joeuser, a member of joeusergroup.
We want to start dabbling with “permissions”; specifically, we’d like some areas of the server to be off-limits to most users. So we thought we’d take the next baby step and implement Open Directory. The goal is to make this transition as invisible as possible.
I’ve created an OD LDAP server and created an LDAP account for every individual user, but I’ve run into a snag. I thought I could make every “new” LDAP user a member of the group “joeusergroup”, but the name didn’t appear in the LDAP list of groups when I was setting it up. When I try to create one, I’m told one already exists and I have to choose another name.
I’m hesitant to pull the trigger by (1) deleting the original joeusergroup, then (2) creating an LDAP joeusergroup, because I don’t want to disrupt 70+ people’s access to 175 GB of files without knowing exactly what will happen next.
I’d appreciate any advice and/or tips as to how to proceed. TIA.