Sunday, April 24, 2011

Temporary Solution to AFP, SMB & NAS problems after OSX 10.6.7 update

Okay, so I'm not a command line expert.  When I owned my first Apple IIe years ago, I left the world of command line entries behind.  One of the beautiful things about OS X ( and Windows for that matter) is the lack of a need to know about command line entries.  However, the thing that separates new computer owners from the ones of my youth is the fact that those who grew up in the early days know exactly what is going on under those pretty little icons.

I have been spoiled by the Mac, after walking away from Windows 5 years ago.  But I remember in those early days of Mac Loving, I still had an interest in what was going on in the background.  I wanted to know why the disk drive kept running in the background (Usually Spotlight updating) or more mundane issues,  so I began learning a little about OSX.  As always I have books on the subject, but stopped buying any more books due to the fact that Apple updates its OS every 2 years, making physical books obsolete.

Coming from Windows I had to know about
file servers and a new nomenclature for file transfers, especially the ones that were strictly adherent to the Macintosh:  AFP (Apple Filing Protocol) instead of SMB (Server Message Block).  I needed to know these two separate protocols if I wanted to access a Windows Network Drive or the Windows XP machine that I used.  Additionally, file access to the Mac required the above knowledge in order to access and transfer files to and from the Mac.  With the advances of NAS drives, creating a wonderful extension to the hard drive on the computer, I had to keep up with being able to place and retrieve data from both machines regardless of which machine I was using.  To begin with, I hated SMB protocols because my disk would always disappear, especially when the machine was turned off.  With the machine off, DHCP would take over when I turned the machine on again and my wonderful SMB drive would have a new ip address and so nothing would work.  Live backups were a nightmare.  As I learned more, I realize now that I could have leased the DHCP address for a long time and that would have resolved the issue.

Although learning to use AFP on the Mac was new, it was much easier.  It kept track of the NAS drives even when I turned off the machine and rebooted it.  To be honest, using AFP was akin to having a disk drive sitting right next to me.  However, once in a while it wouldn't work.   Some of the Windows oriented NAS drives would not always respond to the SMB or AFP command.  This would happen in Windows and on the Mac.  However on the Mac I found a solution in one of the books.

With OSX 10.4 there was an interesting command in the command line that showed whether OSX would read/write to the NAS drive.  If written with a boolean command, you could set up a signal to show whether the drive is ready to read/write.   I recall in those early years, 2007 to be precise, how I would toil away trying to decipher why a drive wouldn't work.   It was these wonderful commands that set me free finally. 

I never thought that I would have to return to those days again because my newer network drives are so much more resilient.  First, not having Windows to deal with, I was able to use long file names and strange characters, something that we can now do in Windows 7.   Until I upgraded to OSX 10.6.7 I was in network Nirvana.



So, after upgrading my OSX Snow leopard 10.6.6 TO OSX 10.6.7 as a good Apple Netizen should do a few days ago, I was stunned to find that I could no longer write to my NAS drive.  I thought it was my virus protection acting up, so I turned it off and actually deleted it (I have since reinstalled it, since that was not the problem).  All transfers to and from the NAS drive would hang.  I then remembered the last time that this occurred.   It was during those early learning days.  I wrote it down on a note card.

It turns out that there is a command in OSX that when written with a Boolean request can tell you if the drive is accessible or not.   I believe that the latest update may have turned off a switch that enables Cleartext.  Cleartext is a ZeroConfig set up, meaning that you do very little to set up your network (a la AppleTV) since Apple takes care of all of this behind the scenes.  It is what enables your printer to "just work."  You can use names like "My_Printer" to signify that your printer is attached to a certain ip address hiding behind  your router (preferably an Apple Airport Extreme) and it will show up as "My_Printer.local"  something much easier to remember than 10.12.70.1 or something akin to that.

In reading the latest update, there is a mention of Apple correcting AFP mount errors and SMB mount problems.  Here is the full text from Apple:


Summary

In Mac OS X v10.5 and 10.6 you can use a URL in the form afp://myserver.mydomain.com/Sharepoint/Folder or the mount_afp command in Terminal to mount a shared volume on an AFP server.

Products Affected

Mac OS X Server 10.6, Mac OS X v10.6
In Mail.app or Safari, when you click on a URL in the form afp://myserver.mydomain.com/Sharepoint/Folder , the Finder will mount the volume named Sharepoint on the AFP server myserver.mydomain.com, and open a window showing the contents of the directory named Folder. If you drag the text of the URL to your Desktop, it will create an AFP link which you can double-click to open that folder.

The
mount_afp command can be used in a Terminal window or a shell script to mount a shared folder on an AFP server. For more information, type man mount_afp in a Terminal window.

Note
: The path at which the shared folder is mounted is different in Mac OS X v10.6 through 10.6.6 compared to other versions of Mac OS X. For details, see the Additional Information section below.

Additional Information

In Mac OS X v10.6 through 10.6.6, a URL that points to a file on the server (for example afp://myserver.mydomain.com/Sharepoint/Folder/File.txt) will not work. This issue is resolved in Mac OS X v10.6.7 and later.

In Mac OS X v10.6 through 10.6.6, if the target of the URL or
mount_afp command is a folder within the sharepoint, the folder will be mounted. In Mac OS X v10.0 through 10.5, and Mac OS X 10.6.7 or later, the sharepoint is mounted.
Example: afp://myserver.mydomain.com/Sharepoint/Folder

When you click on this link in Mac OS X 10.0-10.5 and 10.6.7 and later, the Finder will mount the volume Sharepoint. The local path to the shared folder will be /Volumes/Sharepoint/Folder/.


When you click on this link in Mac OS X 10.6-10.6.6 the Finder will mount the subdirectory Folder. The local path to the shared folder will be /Volumes/Folder/.



Example:
mount_afp afp://myserver.mydomain.com/Sharepoint/Folder /Volumes/mntpnt

In Mac OS X v10.5 and 10.6.7 or later, this command will mount the volume Sharepoint at /Volumes/mntpnt. The local path to the shared folder will be /Volumes/mntpnt/Folder/.


In Mac OS X v10.6 through 10.6.6, this command will mount the subdirectory Folder at /Volumes/mntpnt. The local path to the shared folder will be /Volumes/mntpnt/.

 


I think that somewhere along the road, they turned off the Cleartext switch.  Cleartext is used because the NAS drives are running behind a Router, hence there isn't really a need to encrypt passwords, although it is interesting to note that in Snow Leopard, Apple does not give you a choice of not using a password as they do with the AFP protocol when using SMB.   Regardless of whether a password is used or not, I was able to find out that neither an SMB nor AFP protocol would work on my NAS drive.  The Boolean query showed a " 0 " for the ability to write to the drive.  In discussing this with a Mac Guru and in going back to my meticulous notes that I took 5 years ago, the query is for Cleartext and it is found to be turned off by default.  But only after upgrading to 10.6.7.  On my other Leopard machine which does not have the update and that was never upgraded to Snow Leopard, no matter what I do, the boolean query remains at "1" meaning that it is writeable and accepts Cleartext.

What happens is this.  You log on to your computer (I am assuming that you are using AFP and using a MAC).  You click on to your Network Attached Drive somewhere in your house, apartment or office.  There is a delay.  The drive may or may not open at all.  If and when it does, everything looks okay.  You try to open a folder and the infamous equivalent to the BSOD (Blue Screen of Death on Windows) ensues -  The spinning Beach Ball.  Sometimes you can even get past the folder stage and the system will hang when you try to upload to the directory or download from it.  Or, heaven forbid, Time Machine decides to use it.  What you are left doing is trying to Force Kill the Finder.  That is something that is not nice, because it means that all of your icons disappear temporarily until the next boot up and you're left "hanging."  This is the so-called Kernel Panic.


With the knowledge that the Cleartext flag is turned off, I found that I could get some work done by turning it back on.   The technique used is listed below.  I should let you know that this worked for a while, but it seemed that I had to continue turning this on again, every time I turned on the machine.

Thus, if the solution listed does not work,  try the solution after this.   I tried two other solutions before finally finding one that eventually works for now.

Here is the old school tactic first:

1.  Check to see if cleartext is already enabled:

A.  Shut down the computer.
B.  Shut down the server, modem, gateway modem etc.  (basically shut everything off).  Then turn everything back on.
C.  Turn on your computer.  Go to the login where you plan to use the NAS drive.
D.  Hit the Spotlight icon (looking glass) and type in TERMINAL.  Click on the TERMINAL  icon.
E.  While in the terminal, type the following verbatim:

    

       defaults read com.apple.appleshareclient afp_cleartext_allow 

This should return a "1."  If it does then the problem should be solved.  However if the return is "1" but the problem persits,  then the problem with the read/write is different from what is described here and you will probably have to look elsewhere for a solution (in this case, the second solution that I mentioned below).  The first thing would be to make certain that the disk drive is turned on.

However If it returns a "0," then do the following:


2.  Turn on Read/Write: 

A.  Shut down the computer.
B.  Shut down the server, modem, gateway modem etc.  (basically shut everything off).
C.  Turn on your computer.  Go to the login where you plan to use the NAS drive.
D.  Hit the Spotlight icon (looking glass) and type in TERMINAL.  Click on the TERMINAL  icon.
E.  While in the terminal, type the following verbatim:


defaults write com.Apple.AppleShareClient afp_cleartext_allow -bool YES

Test the settings by going back to Step 1.  This should return a "1"  now.  If it does not, go to step 2 and try again.

 You should be able to complete your session without any further hiccups.

Unfortunately, I found that you have to go through this entire thing on all logins, so if you have other members logging in under different accounts, you have to do this again.


So, I wrote most of the above about 2 weeks ago after installing the update.  I had planned on installing Lightroom and using an External NAS drive for storage, but halted after running into this problem.  A problem that has made me shy away from using a NAS drive as an iTunes server. 

So, something came to mind a few days ago.  It was akin to the resolution of the FACETIME fiasco that I faced when I purchased my iPhone 4.  I recall that I had to reset my iPhone's network settings in order to use Facetime.   So I thought about doing the same thing for this issue of the "on again, off again AFP/SMB" switch.   Here is what I did:

Resetting Keychain Login for Nas Drive


1.  Go to Terminal.
2.  Type in "Keychain Access"
3.  Find the name of your Disk Drive login.  ie. "My_NAS.local"
4.  Erase the two files that have the AFP and/or SMB login to that NAS drive.
    (This assumes that you saved them to the Keychain).
5.  Restart your machine.
6.  Try to connect to the drive.


My results for this were mixed.  AFP worked but would hang occasionally.  SMB, surprisingly worked all of the time. 

I then tried one more thing.  I erased all of the network settings and started again from scratch.  The results were the same as before.  My conclusion:  AFP is BROKEN !  Why SMB works is beyond me, but the only thing that I have not done is to reinstall OSX SNOW LEOPARD. 

These are really Band Aid solutions.  I hope that Apple comes up with a solution to this problem as it affects Time Machine which is critical.   One worrisome point is the news that Apple will be abandoning the SMB file protocol in OSX Lion.  This may be a little early given the problems that many are now having with the AFP solution. 

 
I hope that this helps.  By the way, I am no OSX, Cocoa, Obective-C master.  I am far from it.  I just poked around and I have a few really good books that I look at from time to time; not to mention the bulletin boards.  If you have any suggestions please leave them in the comments.  Especially if you find any mistakes above.

Thanks for reading.



2 comments:

  1. Outstanding insight! I have a new iMac and am getting lots of kernel panics waking from sleep. I have a Synology NAS connected to it via a router, which is working normally in terms of I/O.

    The kp backtraces mention the Apple kexts for AFPFS & SecureRemotePassword.

    I'm also running Lion DP4, but I still got "0" returned from the query, and your trick to flip it still worked...

    Will watch & wait, but definitely plan to include a link to this page next time I file a crash report...

    Many thanks!

    ReplyDelete
  2. Anon:

    Thanks a lot for the kind words. There is definitely something wrong with AFP since the update mentioned above. I decided not to update my MBP and it is still running Leopard, with AFP working flawlessly.

    AFP is a disaster since february and the update mentioned above still works. However, there is still a problem in moving back and forth, ie. Uploading and downloading. Uploading to the NAS works fine, but downloading does not. The Kernel panic that you mentioned above happens after about 100kb. Again, you can use the workaround above, but it's probably just a lot easier to use the SMB file protocol; although it is a little slower and you have to sign in all of the time, it works flawlessly.

    This AFP problem is also probably accountable for the crazy streaming issues noted with the Apple TV as well. I am going to publish a little article about one more thing that needs to be set on your Mac to ensure smooth sailing.

    Again, thanks for the kind words and I am very happy that the published solution (which is not totally my own) works for you.

    ReplyDelete

I will be trying unmoderated comments for a while. If this gets ridiculous, then I will have to move to moderating the comments once again.

Google