Win7<->winXP share folders help

[sunnyimran]

MY HOME NETWORK QUESTION
------------------------------------

Need to ask a simple thing about 'Protected File Sharing'



scenario:

I have a small network at home

-few PCs, some running win7 / some Win XP SP3

PC-A winXP, PC-B win7, PC-C ....

-all are on same windows workgroup

-one DSL modem ( 1x Ethernet interface out )

-switch 10/100Mbps 8 port conencting all these together
DSl modem out Ethernet interface connects to UPLINLK port of my switch.

all PCs are able to acces internet through this DSL modem.


WHAT I WANT?

I want to share All Partitions of PC-A with ONLY one of my PC-B Win7 machine ( name it )

i-e sharing all partitions of PC-A with only PC-B

not share anything from PC-B on network.






PC-B should have full access with full permissions to all partitions of PC-A , but no other PC should have access to PC-A items (except for items of PC-A which I explicitly allow).

and no other PC on the network should have access to any content of PC-B


Current Configuration:

I shared all drives of PC-A with 'allow network users change my files' enabled.


Results:

on PC-B

by browsing network or by using RUN: \\<compname> in RUN command

-> i was able to see PC-A
-> i was able to see the root contents of all shared drives of PC-A
-> when i double click any folder or icon in root of these shared folders, it said u can't access this item,

after long hours of troubleshooting,

on PC-A -> computer management -> Shared Folders -> Shares (shows all default shares C$, D$, .... and all my shared drives of this PC-A)
-> sessions (
-> Users

it showed that PC-B is connected with Guest account.

first I tried a lot on PC-B (Win7) to connect to PC-A with other accout credentials (used account of Administrator group of PC-A )
But it did not connect.

Then I disbaled Guest account on PC-A (WinXP)

Now I am able to have full access read/write/delete... on shared partitions.


Q. Is It so, that win7 machines connect to network shared items with GUEST account by default?

Q. If yes, how can we choose to connect to shared items ( and Network with different credentials selectively ) ?


Q. please suggest some tips for my above scenario

Q. what are default shares d$, C$, ... IPC$ ... ? who have access to them

 

[karlh]

Great questions. I don't know how it would interact with Win7, but I've always had better luck with shares and XP buy turning simple file sharing "off". Using simple file sharing often led to inconsistent results when making changes. It it were me, I'd be concerned that the simple file sharing was creating a variable instead of a control. I'll be watching this thread though because I've had similar questions about Win7 shares.

Good luck!

 

[sunnyimran]

Well, I am going through, trying one thing or the other

I will share when something happens

but nobody wants to peek in?

 

[riser]

Reading through it. Might have an answer shortly.

 

[riser]

Q. Is It so, that win7 machines connect to network shared items with GUEST account by default?

Q. If yes, how can we choose to connect to shared items ( and Network with different credentials selectively ) ?


Q. please suggest some tips for my above scenario

Q. what are default shares d$, C$, ... IPC$ ... ? who have access to them

Ok here we go.

Guest account will be the default, limited access, when there are not matching accounts. By matching accounts I mean that both PCs will need to have the same user name and same password.

PC A:
Username: Jim
Password: Access

PC B:
Username: Jim
Password: Access

Now that both accounts are setup on both computers, PC A can validate Jim from PC B as a network user for PC A.

C$, D$, IPC$ - These are Administrative shares. They're always shared out. The "$" makes them hidden when searching for them on the network. If you type in \\computername - you don't see C$, D$, IPC$ shares. But if you type in \\computername\C$ you will get prompted for an account - which will need to have administrator rights on the PC it is trying to access. If you're trying to access that share with an administrator account (if Jim were an administrator on the PC he's trying to access use the UNC of \\computername\C$) he would get access without being prompted.

When PC B tries to connect to PC A, it passes the username/password of the currently logged on person of PC B to PC A. If that user does not exist on PC A, Guest will take over and allow limited access. Its basically allowing Anonymous access. Create PC B user on PC A and you'll have access (kind of, next step will explain).

By default, access is restricted. When you share on the C drive and D drive, you'll have to grant access to the user or group. Generally you have "Full, Modify, and Read." Full access allows the user to change permission settings. Not really the best way of doing it. Modify gives full rights but does not allow them to change the share permissions. (generally accepted rule when granting share permissions). Read or Read Only means just that. They can read but nothing else.

So, if you want you'd have to go onto your C drive, go into the Sharing and change the permission to allow Jim (or your accounts you've created) access to the folder. I would avoid using and changing the C$ D$ admin shares. I would create a new share C and D (without the $ which hides the share). Grant your user (or create a group, add your user to that group, and add the group to the share) ---- grant your user or group Modify access on the permissions. As stated before, "Network users can change my files" will give them the rights to change the files.

When dealing with Shares and Security, you have 2 features. Its kind of confusing in a way. You can give someone access to your files and you can give them access to your share. If they want to connect to the share \\computername\c - they have to have access. If you want them to modify your files, they also have to have access. Its kind of a check and balance. I wouldn't worry too much about that right now but know that you can give permissions out on the "Share" and permissions on the "Files". The file permissions would actually be NTFS, the Share permissions would be Network related.

Hope that helps. If you have any questions you can post them up and I'll do what I can to break it down to explain it better for you.

 

[sunnyimran]

Thanks a lot riser,

things seem a bit clear after your post, I need to give them more thought.

new situation:

I have managed to have this change:

-> PC-A and PC-B have same user account/pass now.

-> Guest account on PC-A ( XP PRO SP3) is now disabled.

-> Firewall in ON with exception of file and printer sharing.


Now on PC-B ( win7 ult)

ping to PC-A destination not achievable.

Network shows nothing ( neither this PC-B nor PC-A ) ( network type: 'public network' in win7 with network discovery enabled)

also I can't establish a Remote Desktop connection to PC-A


RUN:\\<ip>

shows shared drive with full access



Again changed in PC-A

Firewall Disabled, rest is same


now from PC-B

Network shows both computers PC-B and PC-A

Can't access PC-A contents, asks for credentials
I used same account as on PC-A ( actually now also on PC-B) but it does'nt accept and login screen again and again. No access

same from RUN window. not accepting credentials





Now if I turn on Guest account again on PC-A

everything is clear and I do have access on shares, furthermore, it does'nt ask for credentials

stillmore that, now other win7 machines also have access to that shares.( which is not wanted).

I NOW CAN establish a Remote Desktop connection to PC-A

----MY conlcusions--->

win7 is able to provide guest credentials when connecting to PC-A and somehow it is not accepting admin account created for this purpose in PC-A

on Win7 machine PC-B, its own login ac is same as PC-A
network type: Public, with network discovery enabled.

shortly: only Guest account is working from win7 PC-B to PC-A if guest is enabled on PC-A no other account works to access share.

Q. is it because the same account created on PC-A and PC-B is from Administrator group in both PC's ?



please suggest now

also Q. Who can have access to default shares c$.... on network ?

 

[sunnyimran]

waiting for reply
anyone?

 

[sunnyimran]

Nothing to suggest ?

 

[das_stig]

A friend of mine created this ..

http://forum.ftireloaded.net/viewtopic.php?t=120803

 

[sunnyimran]

Thanks Das_Stig,

sharing folders hosted on a win7 machine, to others is not much problem,

My problem is to get access to shares hosted on a win XP machine, without using home group, that's been a problem.

After so many days, I came to this conclusion:

win 7 machine connects to win xp shared folders as GUEST account only.
If I try to give it user credentials of win XP machine, does'nt accept.

I have success in access if GUEST account is enabled on WinXP (hosting shares).

if i disable GUEST account in Win XP machine, I have no access from win7 PC.


that;s the problem.

 

[sunnyimran]

Riser are you still there
can you help

 

[rbvett]

I have a commo problem. I have win XP running on a Dell XPS desktop and win 7 running on a HP Pavilion laptop. I run everything thru a Linksys WRT54G router at my home.

I changed the workgroup on the win 7 machine to "MSHOME" to match the desktop's work group. I can move files from/to the Dell desktop when working from the HP laptop. When in the Dell desktop I cannot open the HP laptop directories from windows explorer. I see the laptop in windows explorer, but get an error message when I try to open a laptop directory - says "ronshp\c is not accessible. You might not have permission to use this network resource". I have set all the permissions on the laptop, but still cannot get access to the laptop from the desktop.

Suggestions please !

Ron
rbvett@yahoo.com

 

[sunnyimran]

As far as I see it ,

WORKGROUP should be same in all PC's

Win7 introduced Network Locations also,
that is one 'type' of network out of three available choices

Home network ( least secure, easy share everything )
Work network ( moderate )
public network ( most secure in terms of sharing, does'nt allow sharing easily )


so check your configuration in Win7 for network location



Quoted from win7 help ......

Choosing a network location

The first time that you connect to a network, you must choose a network location. This automatically sets the appropriate firewall and security settings for the type of network that you connect to. If you connect to networks in different locations (for example, a network at your home, at a local coffee shop, or at work), choosing a network location can help ensure that your computer is always set to an appropriate security level.

There are four network locations: ..........