Vista Forums - View Single Post

08-11-2007

"Malke" wrote:

> Dooferlad wrote:
> > Hi,
> >
> > I have just got myself a Vista machine and I am having a lot of trouble
> > getting it to talk to some machines on my network. My other computers can see
> > each other and access files on each others shares just fine. From Vista I can
> > access a share on my 2000 box, but not the XP or Linux boxes. Neither have
> > firewalls on and I can list the shares on both machines, but can't navigate
> > into them.
> >
> > I have checked the Net BIOS settings on the 2000 and XP machines, both have
> > it enabled. Since I can see the machines and the share names I assume there
> > isn't a name lookup issue. No password is asked for unless the share is
> > protected. Under 2000 if I have the guest account the shares can be accessed
> > by Vista without a password, and if guest is disabled a username/password are
> > asked for and then it works. All other shares are not password protected with
> > the guest accounts enabled.
> >
> > Any ideas? Copying files to my 2000 machine or a USB hard disk is getting a
> > little irritating.
>
> You can network Vista with XP and with Linux. You have to do some extra
> work for Linux, but nothing big at all. Since you apparently already
> have set up Samba correctly so you can share files on the Linux box with
> XP, I won't bother adding that bit to the instructions below except to
> remind you to add your Vista users to both the general Linux users *and*
> to Samba users with smbpasswd.
>
> A. For the Windows networking part:
>
> This link will take you through Vista networking very well:
>
> http://www.microsoft.com/technet/net.../vista_fp.mspx
>
> Problems sharing files between computers on a network are generally
> caused by 1) a misconfigured firewall; or 2) inadvertently running two
> firewalls such as the built-in Windows Firewall and a third-party
> firewall; and/or 3) not having identical user accounts and passwords on
> all Workgroup machines; 4) trying to create shares where the operating
> system does not permit it.
>
> Here are some general networking tips for home/small networks:
>
> 1. Configure firewalls on all machines to allow the Local Area Network
> (LAN) traffic as trusted. With Windows Firewall, this means allowing
> File/Printer Sharing on the Exceptions tab. Normally running the Network
> Setup Wizard on XP will take care of this for those machines.The only
> "gotcha" is that this will turn on the XPSP2 Windows Firewall. If you
> aren't running a third-party firewall or have an antivirus with
> "Internet Worm Protection" (like Norton 2006/07) which acts as a
> firewall, then you're fine. With third-party firewalls, I usually
> configure the LAN allowance with an IP range. Ex. would be
> 192.168.1.0-192.168.1.254. Obviously you would substitute your correct
> subnet. Do not run more than one firewall.
>
> 2. With earlier Microsoft operating systems, the name of the Workgroup
> didn't matter. Apparently it does with Vista, so put all computers in
> the same Workgroup. This is done from the System applet in Control
> Panel, Computer Name tab.
>
> 3. Create identical user accounts and passwords on all machines. If you
> wish a machine to boot directly to the Desktop (into one particular
> user's account) for convenience, you can do this. The instructions at
> this link work for both XP and Vista:
>
> Configure Windows to Automatically Login (MVP Ramesh) -
> http://windowsxp.mvps.org/Autologon.htm
>
> 4. If one or more of the computers is XP Pro or Media Center:
>
> a. If you need Pro's ability to set fine-grained permissions, turn off
> Simple File Sharing (Folder Options>View tab) and create identical user
> accounts/passwords on all computers.
>
> b. If you don't care about using Pro's advanced features, leave the
> Simple File Sharing enabled.
>
> Simple File Sharing means that Guest (network) is enabled. This means
> that anyone without a user account on the target system can use its
> resources. This is a security hole but only you can decide if it matters
> in your situation.
>
> I think it is a good idea to create the identical user
> accounts/passwords in any case when Vista machines are involved and it
> isn't an onerous task with home/small networks.
>
> 5. Create shares as desired. XP Home does not permit sharing of users'
> home directories (My Documents) or Program Files, but you can share
> folders inside those directories. A better choice is to simply use the
> Shared Documents folder. See the first link above for details about
> Vista sharing.
>
> B. For the Linux networking part:
>
> From Michael Bishop (MS) - Basically, the issue with Samba and Vista is
> that Vista no longer permits LM or NTLM authentication by default; only
> NTLMv2. Samba versions 1.x and 2.x only support LM and NTLM, so there's
> an issue there.
>
> Recommended solution: upgrade to Samba 3.x and enable NTLMv2 by adding
> "client ntlmv2 auth = yes" to your smb.conf file. Because of another
> issues with previous versions, I strongly recommend upgrading to 3.0.22
> or later regardless of your choice for this particular instance. Since
> this is an actual Linux box and you have access to smb.conf, I would do
> this first and test.
>
> Alternate solution: change Vista's security settings to permit
> lower-security authentications. (as below)
>
> To enable Windows Vista to connect to Mac OS X with Windows File Sharing
> enabled, you will need to change the following policy in Windows Vista:
>
> Start>Run>secpol.msc [enter]
>
> Click on "Local Policies" --> "Security Options"
>
> Navigate to the policy "Network Security: LAN Manager authentication
> level" and double-click it to get its Properties. By default Windows
> Vista sets the policy to "NTVLM2 responses only". Use the drop-down
> arrow to change this to "LM and NTLM – use NTLMV2 session security if
> negotiated".
>
> In Vista Home Premium, you won't have this tool so per Steve Winograd, do:
>
> 1. Run the registry editor and open this key:
>
> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
>
> 1. If it doesn't already exist, create a DWORD value named
> LmCompatibilityLevel
>
> 3. Set the value to 1
>
> 4. Reboot
>
>
> Malke
> --
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
> MS-MVP Windows - Shell/User
>

I am having a problem connecting vista to my 2000 machine. It's the reverse
of the Dooferlad post: I was able to configure XP... but not the 2000. Any
advice?

Thanks!

08-11-2007	#5 (permalink)
gamequest Guest n/a posts	Re: Vista / XP / 2000 / Linux networking "Malke" wrote: > Dooferlad wrote: > > Hi, > > > > I have just got myself a Vista machine and I am having a lot of trouble > > getting it to talk to some machines on my network. My other computers can see > > each other and access files on each others shares just fine. From Vista I can > > access a share on my 2000 box, but not the XP or Linux boxes. Neither have > > firewalls on and I can list the shares on both machines, but can't navigate > > into them. > > > > I have checked the Net BIOS settings on the 2000 and XP machines, both have > > it enabled. Since I can see the machines and the share names I assume there > > isn't a name lookup issue. No password is asked for unless the share is > > protected. Under 2000 if I have the guest account the shares can be accessed > > by Vista without a password, and if guest is disabled a username/password are > > asked for and then it works. All other shares are not password protected with > > the guest accounts enabled. > > > > Any ideas? Copying files to my 2000 machine or a USB hard disk is getting a > > little irritating. > > You can network Vista with XP and with Linux. You have to do some extra > work for Linux, but nothing big at all. Since you apparently already > have set up Samba correctly so you can share files on the Linux box with > XP, I won't bother adding that bit to the instructions below except to > remind you to add your Vista users to both the general Linux users and > to Samba users with smbpasswd. > > A. For the Windows networking part: > > This link will take you through Vista networking very well: > > http://www.microsoft.com/technet/net.../vista_fp.mspx > > Problems sharing files between computers on a network are generally > caused by 1) a misconfigured firewall; or 2) inadvertently running two > firewalls such as the built-in Windows Firewall and a third-party > firewall; and/or 3) not having identical user accounts and passwords on > all Workgroup machines; 4) trying to create shares where the operating > system does not permit it. > > Here are some general networking tips for home/small networks: > > 1. Configure firewalls on all machines to allow the Local Area Network > (LAN) traffic as trusted. With Windows Firewall, this means allowing > File/Printer Sharing on the Exceptions tab. Normally running the Network > Setup Wizard on XP will take care of this for those machines.The only > "gotcha" is that this will turn on the XPSP2 Windows Firewall. If you > aren't running a third-party firewall or have an antivirus with > "Internet Worm Protection" (like Norton 2006/07) which acts as a > firewall, then you're fine. With third-party firewalls, I usually > configure the LAN allowance with an IP range. Ex. would be > 192.168.1.0-192.168.1.254. Obviously you would substitute your correct > subnet. Do not run more than one firewall. > > 2. With earlier Microsoft operating systems, the name of the Workgroup > didn't matter. Apparently it does with Vista, so put all computers in > the same Workgroup. This is done from the System applet in Control > Panel, Computer Name tab. > > 3. Create identical user accounts and passwords on all machines. If you > wish a machine to boot directly to the Desktop (into one particular > user's account) for convenience, you can do this. The instructions at > this link work for both XP and Vista: > > Configure Windows to Automatically Login (MVP Ramesh) - > http://windowsxp.mvps.org/Autologon.htm > > 4. If one or more of the computers is XP Pro or Media Center: > > a. If you need Pro's ability to set fine-grained permissions, turn off > Simple File Sharing (Folder Options>View tab) and create identical user > accounts/passwords on all computers. > > b. If you don't care about using Pro's advanced features, leave the > Simple File Sharing enabled. > > Simple File Sharing means that Guest (network) is enabled. This means > that anyone without a user account on the target system can use its > resources. This is a security hole but only you can decide if it matters > in your situation. > > I think it is a good idea to create the identical user > accounts/passwords in any case when Vista machines are involved and it > isn't an onerous task with home/small networks. > > 5. Create shares as desired. XP Home does not permit sharing of users' > home directories (My Documents) or Program Files, but you can share > folders inside those directories. A better choice is to simply use the > Shared Documents folder. See the first link above for details about > Vista sharing. > > B. For the Linux networking part: > > From Michael Bishop (MS) - Basically, the issue with Samba and Vista is > that Vista no longer permits LM or NTLM authentication by default; only > NTLMv2. Samba versions 1.x and 2.x only support LM and NTLM, so there's > an issue there. > > Recommended solution: upgrade to Samba 3.x and enable NTLMv2 by adding > "client ntlmv2 auth = yes" to your smb.conf file. Because of another > issues with previous versions, I strongly recommend upgrading to 3.0.22 > or later regardless of your choice for this particular instance. Since > this is an actual Linux box and you have access to smb.conf, I would do > this first and test. > > Alternate solution: change Vista's security settings to permit > lower-security authentications. (as below) > > To enable Windows Vista to connect to Mac OS X with Windows File Sharing > enabled, you will need to change the following policy in Windows Vista: > > Start>Run>secpol.msc [enter] > > Click on "Local Policies" --> "Security Options" > > Navigate to the policy "Network Security: LAN Manager authentication > level" and double-click it to get its Properties. By default Windows > Vista sets the policy to "NTVLM2 responses only". Use the drop-down > arrow to change this to "LM and NTLM – use NTLMV2 session security if > negotiated". > > In Vista Home Premium, you won't have this tool so per Steve Winograd, do: > > 1. Run the registry editor and open this key: > > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa > > 1. If it doesn't already exist, create a DWORD value named > LmCompatibilityLevel > > 3. Set the value to 1 > > 4. Reboot > > > Malke > -- > Elephant Boy Computers > www.elephantboycomputers.com > "Don't Panic!" > MS-MVP Windows - Shell/User > I am having a problem connecting vista to my 2000 machine. It's the reverse of the Dooferlad post: I was able to configure XP... but not the 2000. Any advice? Thanks!
My System Specs