Find out how to set up the File Sharing service, modify Share Points, and configure Share Point access on your OS X Server.
One of the most common and widely-used services found on a server is file sharing. According to Wikipedia, “File sharing is the practice of distributing or providing access to digitally stored information.”
It is this very reason -- alongside the ease of management -- that makes server-based file sharing ideal for both end users and administrators alike. The centralized model structure allows for admins to authorize (or deny) access to objects, ranging from singular files to entire directories with minimal effort. The security implementation also makes the process simple for groups of users to gain access based on common permissions, plus fine-grain tuning for a specific user, if necessary.
Let's take a closer look at file sharing on OS X Server.
I. Setting up the File Sharing service
Follow these steps to set up the file sharing service on your OS X Server:
- Launch Server.app from the Applications folder
and select the OS X Server you wish to manage (Figure A)
- Login with Administrative credentials (Figure B)
- Once the console launches, click File
Sharing from the services pane (Figure
- By default, File Sharing is turned off with OS X, so toggling the switch from OFF to ON will start the file sharing
service* (Figure D)
* Note: Turning on the file sharing service is only part of the task. As files/folders are added, additional steps will be necessary to add them to the server for end users to access. Also, security needs may change what type of access specific users will require, while other groups of users may even be denied access altogether to sensitive documents.
II. Add/Modify Share Points
Here are the steps to add or modify Share Points in OS X Server:
- From the Share Points tab of the File Sharing services pane, all folders identified as shared resources will be listed (and may be edited here as well)
- To add a new shared folder, click the plus sign [+] (Figure E)
- Click the New
Folder button from the list or select an existing folder (Figure F)
- If you're creating a new folder, provide a name for the
directory and click the Create button (Figure G)
- Once it's created, select the newly created folder to
highlight it, and then click the Choose button to add the folder to the list (Figure
III. Configuring Share Point access
Follow these steps to configure Share Point access:
- Click on the directory you wish to modify access
to from the File Sharing pane, then click the cogwheel icon and select Edit Share Point… from the drop-down
menu (Figure I)
- In the settings menu for the directory, user
accounts and/or security groups can be added or removed as desired (Figure J)
- You can specify how the directory will be shared with clients -- Windows, Apple, or iOS -- and restrict Guest access or AFP protocol access for home directories as needs arise. Click Done to commit changes to the directory.
- Lastly, an optional greeting message can
be configured to display to users when trying to access shared resources. To
configure a message that pertains to all shared folders, click the cogwheel icon and select “Edit Greeting…” from the
drop-down menu (Figure K)
- From the new window that opens, enter
your message to clients that will be connecting to the share(s), and click Save (Figure L)
File sharing can be both a simple and difficult task for an administrator to implement and manage securely and successfully. The key (and best practice) is to plan effectively first and double-check your implementation before (and after) placing it onto a production environment.
Consider the old carpentry motto, “Measure twice, cut once.” Not only will this help you sniff out any possible security issues before they occur, but it may also allow for a more effective way to implement access by using security groups strategically in a targeted manner as a means to cover as much of the generic access as possible.
Have you run into any difficulties with file sharing on your OS X Server? Share your experience in the discussion thread below.