What to do if the AFP service needs to be restarted periodically?

Listen to me!
Audio MP3
download mp3

Recently, after upgrading my Mac Mini Core 2 Duo (turned into server) to Snow Leopard Server 10.6.4, I started experiencing a very annoying problem, the AFP service was periodically stopping to share the chosen folders (Shared Points) to the clients.

I noticed that this is sometimes related with the server resources and performance.
For instance the AFP may stop working properly during intensive file transfer such remote backup via TimeMachine or when another service is keep the CPU at 100% usage.
It especially happens in my MacMini as the RAM is limited to only 1GB and then a lot of disk activity is generated for swapping.

Basically the service is not crashed or discontinued, the AFP server process is still running and still allows the users to log in from any workstation connected, the problem is that once logged in the users is able to see only its own home folder but all the other Shared Points configured in the Server Admin control panel are not listed.q

The solution has been for a long while to periodically monitor the service and when I noticed the misbehaviour I restarted the service and in a few second the users were able to connect to all the shared points again.

I wasn’t happy with this inelegant solution, so when I had a little of spare time I investigated better the problem and I found an old thread on the Apple Support page, it was describing the same issue performing on Leopard server 10.5 series:

http://discussions.apple.com/message.jspa?messageID=6145016

Apparently for the Leopard server the solution is a little tricky and involve a script that periodically toggle the Guest Account access option.

Then the idea, EUREKA! CARAMBA! I had a little check and I found that for security reasons I disabled the access for the Guest Account.

The Solution has been quite fast, I enabled again the Guest Access to the AFP service from the Server Admin, AFP service, Settings panel, Access tab (as shown in the picture below). This fix is still woking for me and the service never stopped again!

AFP Settings Access GuestAccess What to do if the AFP service needs to be restarted periodically?

AFP_Settings_Access_GuestAccess_Toggle

Anyway I wanted to prevent access to the Shared Points of the AFP services to the Guest Account so I disable the Guest Account specifically for each Shared Point.

From the Server Admin, AFP service, Shared Point panel, I selected the Shared Points individually, I accessed the Protocol Options and I disabled the Guest Access toggle (as shown in the picture).

AFP SharedPoint GuestAccess What to do if the AFP service needs to be restarted periodically?

AFP SharedPoint GuestAccess Toggle

Doing so I allow the Guest Access to log in to the AFP service but I prevent it to use any Shared Point (shared directory). For further security it’s possible to limit the access to the AFP service to a selected number of user groups (they must NOT include the Guest account as their member) through the Services Access settings of the Server Admin tool, according to my experience this is as a ‘best practice’ operation that we should apply in most of the AFP servers we set up.

Please feel free to reply this thread if you have found better solutions to this issue.

Comments

comments

Powered by Facebook Comments

About marcomc

Marco M.C. is a System Administrator with 10 years of professional experience in ICT. He has deep knowledge of Mac OS X, Windows, and GNU/Linux. His hobbies vary from DIY, Traveling, learning foreign languages and especially he love to cook and experiment with food from all around the world.
This entry was posted in Apple & Mac, IT, Troubleshooting and tagged , , . Bookmark the permalink.