TIP: Connecting to older AFP NAS devices with Mountain Lion

Monday, March 11, 2013

Geoff Howard sent us a solution to the problem of getting Mountain Lion to work with some AFP network attached storage (NAS) devices. He basically describes Apple's solution for Lion, which is to enable older authentication methods on the Mac, but adds more detail:

We have had a number of users report they are no longer able to connect to some of our NAS devices, which are running older AFP protocols, since being upgraded to Lion and Mountain Lion. Attempting to connect to these servers results in the following error message on the Mac:

"There was a problem connecting to the server xxx. / The version of the server you are trying to connect to is not supported."

I determined that Lion maintains a list of authentication methods that are not allowed. These are older, less secure authentication methods with one or more needing to be enabled to support legacy devices or protocols.

I performed the following procedures on a lab Mac (better safe than sorry):

1. I opened Terminal and executed the following commands:

sudo chmod o+w /Library/Preferences

sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_host_prefs_version -int 1

2. I made an AFP connection to some available server so the AFP Client preference file would be filled in with the default set of values.
3. I executed following command to see a list of disabled User Authentication Methods (UAMs):

defaults read /Library/Preferences/com.apple.AppleShareClient afp_disabled_uams

The following User Authentication Methods should be listed:

Cleartxt Passwrd
MS2.0
2-Way Randnum exchange
DHCAST128

4. I enabled all of the above listed UAMs by removing them from the list of disabled UAMs using the following Terminal command:

sudo defaults write /Library/Preferences/com.apple.AppleShareClient afp_disabled_uams -array:

Note: All UAMs were enabled as method used by our servers was either unknown or varied.

5. Restored permissions on Preferences folder with following command: sudo chmod o-w /Library/Preferences
6. Once I verified the modified file resolved the connection issues I transferred the file to the following location on all systems exhibiting this behavior and reset permissions: /Library/Preferences/com.apple.AppleShareClient

Note: Prior to installing modified file under Lion original file was renamed by adding "(Disabled)" to end of name.

An interesting observation here... Under Mac OS X 10.7.x a *.plist file was being replaced. Under Mac OS X 10.8.x an original *.plist file was not even present so the modified version was just added.

So far so good with all systems modified as noted above now accessing the previously non-accessible NAS devices w/o issues. Since these are all internal systems connecting to internal NAS devices we were not concerned with the "Éolder, less secure authentication methodsÉ" issue.

(I found this fix somewhere out on the Web so I cannot take credit.)

If you've tried this procedure for your Mountain Lion Macs .

Follow us

Popular Problem Solving Topics

• Lion and Active Diretory tips and problem reports
• Mac and Windows server file and print sharing tips and problem reports
• Problems and fixes with Snow Leopard and file sharing
• iPhone and Exchange Sever tips and problem reports
• Outlook for Mac and Exchange tips and problem reports
• A list of third-party cross-platform networking solutions

Running Windows on Macs

• Running Windows with Apple's Boot Camp: problems and fixes
• An overview of solutions to run Windows on Macs
• A comparison of Windows on Mac, and Mac on Windows, products past and current
• VMware Fusion 5 integrates with Mountain Lion, Win 8, boosts speed

---