Sign in with
Sign up | Sign in
Your question
sticky Closed

Enabling file sharing from a Windows 7 to Windows XP/Vista Machines

Last response: in Networking
Share
December 16, 2010 2:11:38 PM

There have been many requests regarding how enable file/print sharing from XP to Windows 7 machines and vice versa. With this guide, I will explain how to do this as well as some main security settings you might need on your Windows 7 machine(these are necessarily needed but in the case of security, it would be a good idea to set them.) Since Windows Vista and XP machines are disallowed to join the “HomeGroup” that is default in Windows 7, we will show you how to “get around” this issue so you can adequately share files from your Windows 7(from now on this will be referred to as W7 for brevity) machines to Legacy OS machines.

First, we want to setup a workgroup that all of your machines are in; this will enable your W7 machines to see and transfer/receive files, folders, and printers to/from legacy OS machines. From W7 machines, you will need to right click on “Computer” in your start menu and click “properties” then click the link for “Advanced system settings." On the Computer name tab by default, your Workgroup should be named WORKGROUP. (Note: You can change this if you wish, just remember to change it on all machines on your network.) If you are not part of a workgroup, Click change and you can set what workgroup you want to be part of (again by default it is named WORKGROUP.) If you change this, you will need a reboot.

For Legacy OSes (Windows XP and Vista), you will need to right click on “My Computer” and go to properties. Again select the “Computer Name” tab and you can place yourself in the designated workgroup. A reboot will be required.

After you have setup the workgroup, on your W7 machine go to “Control Panel” then, “All Control Panel Items” then, “Network and Sharing Center” and finally click “Change advanced sharing settings.”

Under the Home or Work (Current profile) dropdown, you will need to set a few things.
1. Turn on Network Discovery
2. Turn on File and Print Sharing
3. Turn on sharing so anyone with network access can read and write files in Public folders
4. Turn off password protected sharing (located in Advanced Sharing Settings at the bottom of the page)
5. Click Save Changes


After you have done this, you should be able to go to your “Network” on your Computer Window (where it shows your directory; IE. C Drive, D Drive, Documents, etc.) and see all the machines in your workgroup (or network.)

Now let’s move onto Printer Sharing:

From your Devices and Printers menu (in your start menu), Open the printer you want to share(right click and open or either double click.)

Double click “Customize your Printer”.

This will open a window; select the “Sharing” tab. Click on the “Share this printer” radio button and name your printer as well as click the “Render print jobs on client computers” radio button. If you have the XP OS x86 (non-64 bit version), you will also need to click the Additional drivers button and select the x86 - Type 3 – User Mode button and make sure it says no. (Note: When XP clients connect and if they do not have the drivers, your machine will install the drivers for them.)

For verification, you can go back to your network on your W7 machine and you should be able to see all your shared folders, printers, and any shared folders on any legacy machines (after you have joined them to the workgroup.)

Hopefully, this will clear up any issues with correctly setting up your network to be compatible for file sharing to/from W7 to XP machines and vice versa.

Now let’s focus on some security settings you may want to setup on your W7 machine to ensure the safety of your files, folders, and whatnot. This part of the guide will be simplified but should only be done if you are a more experienced administrator of the machine as it can cause issues with those who don’t fully understand what they are setting (However, I will do my best to explain each setting.)

First, you are going to open a run command box. (“windows key +r key” simultaneously or start and type in the search box.) Now type in “GPEDIT.MSC” This will open your local Group Policy editor. For this guide, we will only focus on the following structure; Local computer Policy, then Computer Configuration then, Administrative Templates. These will be set to ease your network configuration as well as provide extra security for auditing and file locations. (For clarification in this guide, I will add the file structure of where these policies are located, IE. Instead of “Computer Configuration\Administrative Templates\Windows Components\Windows Media Player” I will just put “Windows Components\Windows Media Player” for brevity and they are under the same structure.)

Under \Windows Components\Event Log Service\Setup

“Turn on logging “

Set to enabled. This will enable logging for all events for security/auditing/troubleshooting purposes.


Under \System\Group Policy\Logging and tracing set the following:

“Configure Network Shares preference logging and tracing”

Set to enabled and turn tracing off. This allows you to log any errors or access to network shares.


“Configure Drive maps preference logging and tracing”

Set to enabled and turn tracing off. This allows you to log any errors or access to mapped drives.


“Configure Files preference logging and tracing”

Set to enabled and turn tracing off. This allows you to log any errors or access to files and their preferences.


“Configure Folder options preference logging and tracing”

Set to enabled and turn tracing off. This allows you to log any errors or access to folder options and their preferences.


“Configure Folders preference logging and tracing”

Set to enabled and turn tracing off. This allows you to log any errors or access to folders and their preferences.


“Configure Local Users and Groups preference logging and tracing”

Set to enabled and turn tracing off. This allows you to log any errors or access to/by Local users and groups.


Under \System\User Profiles, set:

“Only allow local user profiles”

Set to Enabled. This allows user to logon across the network and basically builds a roaming profile for any user that connects. This will save time in the future.


Under \Windows Components\Windows Media Player set

“Prevent Media Sharing”

Set to disabled. This allows your main computer file share to allow haring of all media files. (IE. Music mp3’s, videos, pictures, etc.)


If you are using BitLocker on your W7 machine(which I recommend and this setting is only for W7 family)go to \Windows Components\BitLocker Drive Encryption\Fixed Data Drives

“Configure use of passwords for fixed data drives”

Set to enabled. This allows you to set a password for encrypted files such as expense reports, pictures, etc.


Under \System

“Do not automatically encrypt files moved to encrypted folders”

Set to disabled. This allows file transfers to automatically encrypt the files that are transferred to/from an encrypted source, thus retaining its encryption.


Under \Printers

“Disallow installation of printers using kernel-mode drivers”

Set to disabled. This will allow all legacy machines to load the printer drivers locally.


Under \Network\Offline files

“Exclude files from being cached”

Set to enabled. This disallows files to be cached on your local machine if you shared folder is disconnected.


These next settings are just for users using RDP or Remote Desktop.


Under \Windows Components\remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection

“Do not allow drive redirection”

Set to disabled. This allows for local drives to be automatically mapped via \\TSCLIENT\C$ (et.al.)


“Do not allow supported Plug and Play device redirection”

Set to disabled. This allows for Plug and Play devices to be automatically mapped via \\TSCLIENT\C$ (et.al.)


“Do not allow clipboard redirection”

Set to disabled. This allows for the clipboard to be automatically mapped so you can copy/paste text, files, and folders to the remote machine


Under \Windows components\Remote Desktop Services\Remote Desktop Connection Client

“Prompt for credentials on the client computer”

Set to disabled. This allows you to not have to enter credentials every time on your local machine when going over the network.


As a note, these settings are for more experienced users (like I said previously) and may decrease your security to some extent, but that is why it was shown how to log all content that happens through this process.


Additional Info:

Windows Bulletin on File Sharing for Vista: http://windows.microsoft.com/en-US/windows-vista/Enable...

Another Windows bulletin on File Sharing: http://technet.microsoft.com/en-us/library/bb727037.asp...

Article on GPEDIT.MSC and Group Policies: http://vlaurie.com/computers2/Articles/group_policy_edi...

BitLocker Drive Encryption Wiki: http://en.wikipedia.org/wiki/BitLocker_Drive_Encryption



Hope this helps, as always; protect yourself and have a nice day,
-mrface
January 19, 2012 5:57:04 PM

This topic has been closed by Mrface
!