[Samba] Mac OS X / MS Office save issues and possible .TemporaryItems fix

Nathan A Friedl nate at northwestern.edu
Tue Oct 18 08:49:56 MDT 2011

> -----Original Message-----
> From: Craig White [mailto:craigwhite at azapple.com]
> Sent: Saturday, October 15, 2011 3:06 PM
> To: samba at lists.samba.org
> Subject: Re: [Samba] Mac OS X / MS Office save issues and possible
> .TemporaryItems fix
> On Sat, 2011-10-15 at 15:53 +0000, Nathan A Friedl wrote:
> > We have an issue where Macs that try to save MS Office files on our 3.5.11
> samba servers occasionally get error messages such as "There has been a
> network or file permission error.  The network connection may be lost.”
> When this happens, the user often has to save the file to their local drive and
> then copy it over to the network share.
> >
> > After doing some research, we suspect the issue may be related to the
> .TemporaryItems folder that MS Office creates on any drive that it opens a
> file on (described here:
> http://prowiki.isc.upenn.edu/wiki/MS_Office_and_Network_Volumes ).
> MS Office apparently continually modifies the permissions on this folder and
> can occasionally prevent a user from opening a file due to wonky
> permissions.  Yesterday we created a .TemporaryItems folder for every
> share and set the default acl to be rwx for all, as there's no way that Office
> should be able to change that.  We're hoping that will solve the problem, but
> we've been unable to replicate these problems ourselves so we're just
> waiting to see if the errors appear again.
> >
> > Are we on the right track here, or do you suspect something else may be
> going on?  Do you have any suggestions for other things to try?
> >
> > Additionally, we've been having a hard time determining a good logging
> level.  When we up the logging, the Macs can rotate the logs quite quickly as
> they "touch" every file in a folder whenever the folder is opened.  What
> would your suggestion be for a proper logging level to monitor these issues?
> >
> > Thanks for your time,
> ----
> gosh that's a real old problem and the solution is painful. You should be able
> to google the issue/resolution.
> The issue is that one each local Macintosh, the first user created is uid #500
> and the next is #501, etc.
> On probably about 70% of the Mac's, the primary user is the only user and he
> is uid 500. Likewise, other users simultaneously open files on the server with
> the same uid # and Microsoft Office just plays havoc (I wonder if they fixed
> this problem with Office 2008?)
> Anyway, the only way to permanently fix this problem is to have unique
> UID's assigned to each user on each Macintosh (at one location, I used LDAP
> for authenticating users on each Mac).
> The user can also 'copy' existing files from the server to their desktop, make
> their changes and then move it back to the server when they are finished
> (ugh).
> Otherwise, you can use Libre Office which doesn't suffer from the same
> issues  ;-)
> Craig

Thanks for the advice Craig.  I should have mentioned that we're in the process of binding our Macs to our Active Directory domain.  We've got Services for UNIX installed on the domain servers and have verified that they have the correct domain uids when logged into their Macs.  Oddly enough, some domain users have still had these Office problems on their home shares (which only they have access to).  In addition, some of the complaints have come from Office 2011 users, so it doesn't appear that Microsoft has changed anything.

We are hopeful that forcing the rwx acls for all users on the .TemporaryItems folder has resolved this (we've had no reports of these problems since before we made the change on Friday), but I wanted to check and see if anyone has any other ideas for things we could be looking at here...and suggestions for the proper logging level to help monitor this issue.


More information about the samba mailing list