OS X Lion: Connecting to legacy AFP services

From QNAPedia
Revision as of 09:58, 26 October 2015 by Glenn (talk | contribs) (+Category:Troubleshooting)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


Learn how to enable legacy authentication methods for the AFP client in OS X Lion so that you can connect to older AFP servers.

Lion maintains a list of authentication methods that are not allowed. These are the older, less secure authentication methods. You may need to enable one or more of these methods to support legacy devices or protocols.

1. Open Terminal.

2. Execute the following commands:
    sudo chmod o+w /Library/Preferences
    sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_host_prefs_version -int 1

3. Make an AFP connection to another system so that the AFP Client preference file will be filled in with the default set of values. Note: You must connect as a registered user, not as a guest.

4. Execute the following command to see a list of the disabled User Authentication Methods (UAMs)
    defaults read /Library/Preferences/com.apple.AppleShareClient afp_disabled_uams

By default the disabled UAMs are "Cleartxt Passwrd", "MS2.0", "2-Way Randnum exchange", and "DHCAST128". Note: if you don't see a list, restart your computer and repeat step 3.

5. To enable one of these UAMs, remove it from the list of disabled UAMs. For example, this command enables DHCAST128 by removing it from the list of disabled authentication methods:
   sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_disabled_uams -array "Cleartxt Passwrd" "MS2.0" "2-Way Randnum exchange"

6. After the desired changes have been made, restore the permissions on the Preferences folder with this command:
    sudo chmod o-w /Library/Preferences

Reference Link