Vista Forums - View Single Post

08-21-2007

"Kerry Brown" wrote:

> "Dooferlad" <Dooferlad@discussions.microsoft.com> wrote in message
> news:5E9BA039-8969-4DEE-9C67-B60885148FA8@microsoft.com...
> >
> >
> > "Dooferlad" wrote:
> >
> >>
> >>
> >> "Malke" wrote:
> >>
> >> > Dooferlad wrote:
> >> > > Hi,
> >> > >
> >> > > I have just got myself a Vista machine and I am having a lot of
> >> > > trouble
> >> > > getting it to talk to some machines on my network. My other computers
> >> > > can see
> >> > > each other and access files on each others shares just fine. From
> >> > > Vista I can
> >> > > access a share on my 2000 box, but not the XP or Linux boxes. Neither
> >> > > have
> >> > > firewalls on and I can list the shares on both machines, but can't
> >> > > navigate
> >> > > into them.
> >> > >
> >> > > I have checked the Net BIOS settings on the 2000 and XP machines,
> >> > > both have
> >> > > it enabled. Since I can see the machines and the share names I assume
> >> > > there
> >> > > isn't a name lookup issue. No password is asked for unless the share
> >> > > is
> >> > > protected. Under 2000 if I have the guest account the shares can be
> >> > > accessed
> >> > > by Vista without a password, and if guest is disabled a
> >> > > username/password are
> >> > > asked for and then it works. All other shares are not password
> >> > > protected with
> >> > > the guest accounts enabled.
> >> > >
> >> > > Any ideas? Copying files to my 2000 machine or a USB hard disk is
> >> > > getting a
> >> > > little irritating.
> >> >
> >> > You can network Vista with XP and with Linux. You have to do some extra
> >> > work for Linux, but nothing big at all. Since you apparently already
> >> > have set up Samba correctly so you can share files on the Linux box
> >> > with
> >> > XP, I won't bother adding that bit to the instructions below except to
> >> > remind you to add your Vista users to both the general Linux users
> >> > *and*
> >> > to Samba users with smbpasswd.
> >> >
> >> > A. For the Windows networking part:
> >> >
> >> > This link will take you through Vista networking very well:
> >> >
> >> > http://www.microsoft.com/technet/net.../vista_fp.mspx
> >> >
> >> > Problems sharing files between computers on a network are generally
> >> > caused by 1) a misconfigured firewall; or 2) inadvertently running two
> >> > firewalls such as the built-in Windows Firewall and a third-party
> >> > firewall; and/or 3) not having identical user accounts and passwords on
> >> > all Workgroup machines; 4) trying to create shares where the operating
> >> > system does not permit it.
> >> >
> >> > Here are some general networking tips for home/small networks:
> >> >
> >> > 1. Configure firewalls on all machines to allow the Local Area Network
> >> > (LAN) traffic as trusted. With Windows Firewall, this means allowing
> >> > File/Printer Sharing on the Exceptions tab. Normally running the
> >> > Network
> >> > Setup Wizard on XP will take care of this for those machines.The only
> >> > "gotcha" is that this will turn on the XPSP2 Windows Firewall. If you
> >> > aren't running a third-party firewall or have an antivirus with
> >> > "Internet Worm Protection" (like Norton 2006/07) which acts as a
> >> > firewall, then you're fine. With third-party firewalls, I usually
> >> > configure the LAN allowance with an IP range. Ex. would be
> >> > 192.168.1.0-192.168.1.254. Obviously you would substitute your correct
> >> > subnet. Do not run more than one firewall.
> >> >
> >> > 2. With earlier Microsoft operating systems, the name of the Workgroup
> >> > didn't matter. Apparently it does with Vista, so put all computers in
> >> > the same Workgroup. This is done from the System applet in Control
> >> > Panel, Computer Name tab.
> >> >
> >> > 3. Create identical user accounts and passwords on all machines. If you
> >> > wish a machine to boot directly to the Desktop (into one particular
> >> > user's account) for convenience, you can do this. The instructions at
> >> > this link work for both XP and Vista:
> >> >
> >> > Configure Windows to Automatically Login (MVP Ramesh) -
> >> > http://windowsxp.mvps.org/Autologon.htm
> >> >
> >> > 4. If one or more of the computers is XP Pro or Media Center:
> >> >
> >> > a. If you need Pro's ability to set fine-grained permissions, turn off
> >> > Simple File Sharing (Folder Options>View tab) and create identical user
> >> > accounts/passwords on all computers.
> >> >
> >> > b. If you don't care about using Pro's advanced features, leave the
> >> > Simple File Sharing enabled.
> >> >
> >> > Simple File Sharing means that Guest (network) is enabled. This means
> >> > that anyone without a user account on the target system can use its
> >> > resources. This is a security hole but only you can decide if it
> >> > matters
> >> > in your situation.
> >> >
> >> > I think it is a good idea to create the identical user
> >> > accounts/passwords in any case when Vista machines are involved and it
> >> > isn't an onerous task with home/small networks.
> >> >
> >> > 5. Create shares as desired. XP Home does not permit sharing of users'
> >> > home directories (My Documents) or Program Files, but you can share
> >> > folders inside those directories. A better choice is to simply use the
> >> > Shared Documents folder. See the first link above for details about
> >> > Vista sharing.
> >> >
> >> > B. For the Linux networking part:
> >> >
> >> > From Michael Bishop (MS) - Basically, the issue with Samba and Vista
> >> > is
> >> > that Vista no longer permits LM or NTLM authentication by default; only
> >> > NTLMv2. Samba versions 1.x and 2.x only support LM and NTLM, so
> >> > there's
> >> > an issue there.
> >> >
> >> > Recommended solution: upgrade to Samba 3.x and enable NTLMv2 by adding
> >> > "client ntlmv2 auth = yes" to your smb.conf file. Because of another
> >> > issues with previous versions, I strongly recommend upgrading to 3.0.22
> >> > or later regardless of your choice for this particular instance. Since
> >> > this is an actual Linux box and you have access to smb.conf, I would do
> >> > this first and test.
> >> >
> >> > Alternate solution: change Vista's security settings to permit
> >> > lower-security authentications. (as below)
> >> >
> >> > To enable Windows Vista to connect to Mac OS X with Windows File
> >> > Sharing
> >> > enabled, you will need to change the following policy in Windows Vista:
> >> >
> >> > Start>Run>secpol.msc [enter]
> >> >
> >> > Click on "Local Policies" --> "Security Options"
> >> >
> >> > Navigate to the policy "Network Security: LAN Manager authentication
> >> > level" and double-click it to get its Properties. By default Windows
> >> > Vista sets the policy to "NTVLM2 responses only". Use the drop-down
> >> > arrow to change this to "LM and NTLM – use NTLMV2 session security if
> >> > negotiated".
> >> >
> >> > In Vista Home Premium, you won't have this tool so per Steve Winograd,
> >> > do:
> >> >
> >> > 1. Run the registry editor and open this key:
> >> >
> >> > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
> >> >
> >> > 1. If it doesn't already exist, create a DWORD value named
> >> > LmCompatibilityLevel
> >> >
> >> > 3. Set the value to 1
> >> >
> >> > 4. Reboot
> >>
> >> Hi,
> >>
> >> Having gone through all of this I finally discovered this post:
> >>
> >> http://forum.zensupport.co.uk/27626/ShowThread.aspx
> >>
> >> For some reason Vista and the SpeedTouch 780 don't like each other over
> >> WiFi. I will be chasing this one with Thomson.
> >
> > Gah, looks like I was wrong. I can connect via ethernet to all my
> > machines,
> > but not via wireless. Thomson are saying it is nothing to do with them and
> > I
> > don't have the time at the moment to try another wireless router and try
> > that.
> >
> > My connections certainly seem like they are set up the same:
> >
> > Wireless LAN adapter Wireless Network Connection 2:
> >
> > Connection-specific DNS Suffix . : lan
> > Description . . . . . . . . . . . : Intel(R) Wireless WiFi Link 4965AGN
> > Physical Address. . . . . . . . . : 00-13-E8-5F-0F-0B
> > DHCP Enabled. . . . . . . . . . . : Yes
> > Autoconfiguration Enabled . . . . : Yes
> > Link-local IPv6 Address . . . . . :
> > fe80::6509:a9c0:2f1d:d3b6%12(Preferred)
> > IPv4 Address. . . . . . . . . . . : 192.168.3.64(Preferred)
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Lease Obtained. . . . . . . . . . : 12 August 2007 12:57:48
> > Lease Expires . . . . . . . . . . : 13 August 2007 13:13:12
> > Default Gateway . . . . . . . . . : 192.168.3.254
> > DHCP Server . . . . . . . . . . . : 192.168.1.254
> > DHCPv6 IAID . . . . . . . . . . . : 285217768
> > DNS Servers . . . . . . . . . . . : 192.168.1.254
> > 192.168.3.254
> > NetBIOS over Tcpip. . . . . . . . : Enabled
> >
> > Ethernet adapter Local Area Connection:
> >
> > Connection-specific DNS Suffix . : lan
> > Description . . . . . . . . . . . : Intel(R) 82566MC Gigabit Platform
> > LAN
> > Con
> > nect
> > Physical Address. . . . . . . . . : 00-09-DF-80-28-14
> > DHCP Enabled. . . . . . . . . . . : Yes
> > Autoconfiguration Enabled . . . . : Yes
> > Link-local IPv6 Address . . . . . :
> > fe80::fdcc:ced6:e7cc:3ca8%8(Preferred)
> > IPv4 Address. . . . . . . . . . . : 192.168.3.65(Preferred)
> > Subnet Mask . . . . . . . . . . . : 255.255.255.0
> > Lease Obtained. . . . . . . . . . : 12 August 2007 13:03:03
> > Lease Expires . . . . . . . . . . : 13 August 2007 13:14:54
> > Default Gateway . . . . . . . . . : 192.168.3.254
> > DHCP Server . . . . . . . . . . . : 192.168.1.254
> > DHCPv6 IAID . . . . . . . . . . . : 184551903
> > DNS Servers . . . . . . . . . . . : 192.168.1.254
> > 192.168.3.254
> > NetBIOS over Tcpip. . . . . . . . : Enabled
> >
> > Any thoughts? I don't know how to dump out more than that to text.
> >
>
>
> It looks like you've got two different subnets. How are you routing between
> them? Compare the results of route print from when you are using wi-fi and
> ethernet. It sounds like it may be a routing/NETBIOS/DNS problem between
> 192.168.1.x and 192.168.3.x. You may need a WINS server so NETBIOS works
> between the subnets or make sure all the computers are registered in DNS.
> Are all the computers on the same subnet? Can you post ipconfig /all from
> one of the computers you are trying to access from the Vista computer.

I don't think it is an issue with DNS routing, but I fixed the configuration
of my DSL router to give the correct DNS information so everything is one one
subnet again. Here is the updated routing from my failing Vista machine:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.3.254 192.168.3.11 281
0.0.0.0 0.0.0.0 192.168.3.254 192.168.3.65 30
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.3.0 255.255.255.0 On-link 192.168.3.11 281
192.168.3.0 255.255.255.0 On-link 192.168.3.65 286
192.168.3.11 255.255.255.255 On-link 192.168.3.11 281
192.168.3.65 255.255.255.255 On-link 192.168.3.65 286
192.168.3.255 255.255.255.255 On-link 192.168.3.11 281
192.168.3.255 255.255.255.255 On-link 192.168.3.65 286
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.3.65 286
224.0.0.0 240.0.0.0 On-link 192.168.3.11 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.3.65 286
255.255.255.255 255.255.255.255 On-link 192.168.3.11 281

I think the 192.168.1.x was the default subnet that my router came
configured with, but I was already running on 192.168.3.x. Since the router
was also the default gateway and would happily route between these domains
the change hasn't helped.

I agree that it is probably a routing problem - I have lots of trouble with
SSH to my Linux box if I use the internal IP address (sometimes it doesn't
connect, it always times out after a bit), but if I use its external IP it
works fine.

Dooferlad

08-21-2007	#9 (permalink)
Dooferlad n/a posts	Re: Vista / XP / 2000 / Linux networking "Kerry Brown" wrote: > "Dooferlad" <Dooferlad@discussions.microsoft.com> wrote in message > news:5E9BA039-8969-4DEE-9C67-B60885148FA8@microsoft.com... > > > > > > "Dooferlad" wrote: > > > >> > >> > >> "Malke" wrote: > >> > >> > Dooferlad wrote: > >> > > Hi, > >> > > > >> > > I have just got myself a Vista machine and I am having a lot of > >> > > trouble > >> > > getting it to talk to some machines on my network. My other computers > >> > > can see > >> > > each other and access files on each others shares just fine. From > >> > > Vista I can > >> > > access a share on my 2000 box, but not the XP or Linux boxes. Neither > >> > > have > >> > > firewalls on and I can list the shares on both machines, but can't > >> > > navigate > >> > > into them. > >> > > > >> > > I have checked the Net BIOS settings on the 2000 and XP machines, > >> > > both have > >> > > it enabled. Since I can see the machines and the share names I assume > >> > > there > >> > > isn't a name lookup issue. No password is asked for unless the share > >> > > is > >> > > protected. Under 2000 if I have the guest account the shares can be > >> > > accessed > >> > > by Vista without a password, and if guest is disabled a > >> > > username/password are > >> > > asked for and then it works. All other shares are not password > >> > > protected with > >> > > the guest accounts enabled. > >> > > > >> > > Any ideas? Copying files to my 2000 machine or a USB hard disk is > >> > > getting a > >> > > little irritating. > >> > > >> > You can network Vista with XP and with Linux. You have to do some extra > >> > work for Linux, but nothing big at all. Since you apparently already > >> > have set up Samba correctly so you can share files on the Linux box > >> > with > >> > XP, I won't bother adding that bit to the instructions below except to > >> > remind you to add your Vista users to both the general Linux users > >> > and > >> > to Samba users with smbpasswd. > >> > > >> > A. For the Windows networking part: > >> > > >> > This link will take you through Vista networking very well: > >> > > >> > http://www.microsoft.com/technet/net.../vista_fp.mspx > >> > > >> > Problems sharing files between computers on a network are generally > >> > caused by 1) a misconfigured firewall; or 2) inadvertently running two > >> > firewalls such as the built-in Windows Firewall and a third-party > >> > firewall; and/or 3) not having identical user accounts and passwords on > >> > all Workgroup machines; 4) trying to create shares where the operating > >> > system does not permit it. > >> > > >> > Here are some general networking tips for home/small networks: > >> > > >> > 1. Configure firewalls on all machines to allow the Local Area Network > >> > (LAN) traffic as trusted. With Windows Firewall, this means allowing > >> > File/Printer Sharing on the Exceptions tab. Normally running the > >> > Network > >> > Setup Wizard on XP will take care of this for those machines.The only > >> > "gotcha" is that this will turn on the XPSP2 Windows Firewall. If you > >> > aren't running a third-party firewall or have an antivirus with > >> > "Internet Worm Protection" (like Norton 2006/07) which acts as a > >> > firewall, then you're fine. With third-party firewalls, I usually > >> > configure the LAN allowance with an IP range. Ex. would be > >> > 192.168.1.0-192.168.1.254. Obviously you would substitute your correct > >> > subnet. Do not run more than one firewall. > >> > > >> > 2. With earlier Microsoft operating systems, the name of the Workgroup > >> > didn't matter. Apparently it does with Vista, so put all computers in > >> > the same Workgroup. This is done from the System applet in Control > >> > Panel, Computer Name tab. > >> > > >> > 3. Create identical user accounts and passwords on all machines. If you > >> > wish a machine to boot directly to the Desktop (into one particular > >> > user's account) for convenience, you can do this. The instructions at > >> > this link work for both XP and Vista: > >> > > >> > Configure Windows to Automatically Login (MVP Ramesh) - > >> > http://windowsxp.mvps.org/Autologon.htm > >> > > >> > 4. If one or more of the computers is XP Pro or Media Center: > >> > > >> > a. If you need Pro's ability to set fine-grained permissions, turn off > >> > Simple File Sharing (Folder Options>View tab) and create identical user > >> > accounts/passwords on all computers. > >> > > >> > b. If you don't care about using Pro's advanced features, leave the > >> > Simple File Sharing enabled. > >> > > >> > Simple File Sharing means that Guest (network) is enabled. This means > >> > that anyone without a user account on the target system can use its > >> > resources. This is a security hole but only you can decide if it > >> > matters > >> > in your situation. > >> > > >> > I think it is a good idea to create the identical user > >> > accounts/passwords in any case when Vista machines are involved and it > >> > isn't an onerous task with home/small networks. > >> > > >> > 5. Create shares as desired. XP Home does not permit sharing of users' > >> > home directories (My Documents) or Program Files, but you can share > >> > folders inside those directories. A better choice is to simply use the > >> > Shared Documents folder. See the first link above for details about > >> > Vista sharing. > >> > > >> > B. For the Linux networking part: > >> > > >> > From Michael Bishop (MS) - Basically, the issue with Samba and Vista > >> > is > >> > that Vista no longer permits LM or NTLM authentication by default; only > >> > NTLMv2. Samba versions 1.x and 2.x only support LM and NTLM, so > >> > there's > >> > an issue there. > >> > > >> > Recommended solution: upgrade to Samba 3.x and enable NTLMv2 by adding > >> > "client ntlmv2 auth = yes" to your smb.conf file. Because of another > >> > issues with previous versions, I strongly recommend upgrading to 3.0.22 > >> > or later regardless of your choice for this particular instance. Since > >> > this is an actual Linux box and you have access to smb.conf, I would do > >> > this first and test. > >> > > >> > Alternate solution: change Vista's security settings to permit > >> > lower-security authentications. (as below) > >> > > >> > To enable Windows Vista to connect to Mac OS X with Windows File > >> > Sharing > >> > enabled, you will need to change the following policy in Windows Vista: > >> > > >> > Start>Run>secpol.msc [enter] > >> > > >> > Click on "Local Policies" --> "Security Options" > >> > > >> > Navigate to the policy "Network Security: LAN Manager authentication > >> > level" and double-click it to get its Properties. By default Windows > >> > Vista sets the policy to "NTVLM2 responses only". Use the drop-down > >> > arrow to change this to "LM and NTLM – use NTLMV2 session security if > >> > negotiated". > >> > > >> > In Vista Home Premium, you won't have this tool so per Steve Winograd, > >> > do: > >> > > >> > 1. Run the registry editor and open this key: > >> > > >> > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa > >> > > >> > 1. If it doesn't already exist, create a DWORD value named > >> > LmCompatibilityLevel > >> > > >> > 3. Set the value to 1 > >> > > >> > 4. Reboot > >> > >> Hi, > >> > >> Having gone through all of this I finally discovered this post: > >> > >> http://forum.zensupport.co.uk/27626/ShowThread.aspx > >> > >> For some reason Vista and the SpeedTouch 780 don't like each other over > >> WiFi. I will be chasing this one with Thomson. > > > > Gah, looks like I was wrong. I can connect via ethernet to all my > > machines, > > but not via wireless. Thomson are saying it is nothing to do with them and > > I > > don't have the time at the moment to try another wireless router and try > > that. > > > > My connections certainly seem like they are set up the same: > > > > Wireless LAN adapter Wireless Network Connection 2: > > > > Connection-specific DNS Suffix . : lan > > Description . . . . . . . . . . . : Intel(R) Wireless WiFi Link 4965AGN > > Physical Address. . . . . . . . . : 00-13-E8-5F-0F-0B > > DHCP Enabled. . . . . . . . . . . : Yes > > Autoconfiguration Enabled . . . . : Yes > > Link-local IPv6 Address . . . . . : > > fe80::6509:a9c0:2f1d:d3b6%12(Preferred) > > IPv4 Address. . . . . . . . . . . : 192.168.3.64(Preferred) > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Lease Obtained. . . . . . . . . . : 12 August 2007 12:57:48 > > Lease Expires . . . . . . . . . . : 13 August 2007 13:13:12 > > Default Gateway . . . . . . . . . : 192.168.3.254 > > DHCP Server . . . . . . . . . . . : 192.168.1.254 > > DHCPv6 IAID . . . . . . . . . . . : 285217768 > > DNS Servers . . . . . . . . . . . : 192.168.1.254 > > 192.168.3.254 > > NetBIOS over Tcpip. . . . . . . . : Enabled > > > > Ethernet adapter Local Area Connection: > > > > Connection-specific DNS Suffix . : lan > > Description . . . . . . . . . . . : Intel(R) 82566MC Gigabit Platform > > LAN > > Con > > nect > > Physical Address. . . . . . . . . : 00-09-DF-80-28-14 > > DHCP Enabled. . . . . . . . . . . : Yes > > Autoconfiguration Enabled . . . . : Yes > > Link-local IPv6 Address . . . . . : > > fe80::fdcc:ced6:e7cc:3ca8%8(Preferred) > > IPv4 Address. . . . . . . . . . . : 192.168.3.65(Preferred) > > Subnet Mask . . . . . . . . . . . : 255.255.255.0 > > Lease Obtained. . . . . . . . . . : 12 August 2007 13:03:03 > > Lease Expires . . . . . . . . . . : 13 August 2007 13:14:54 > > Default Gateway . . . . . . . . . : 192.168.3.254 > > DHCP Server . . . . . . . . . . . : 192.168.1.254 > > DHCPv6 IAID . . . . . . . . . . . : 184551903 > > DNS Servers . . . . . . . . . . . : 192.168.1.254 > > 192.168.3.254 > > NetBIOS over Tcpip. . . . . . . . : Enabled > > > > Any thoughts? I don't know how to dump out more than that to text. > > > > > It looks like you've got two different subnets. How are you routing between > them? Compare the results of route print from when you are using wi-fi and > ethernet. It sounds like it may be a routing/NETBIOS/DNS problem between > 192.168.1.x and 192.168.3.x. You may need a WINS server so NETBIOS works > between the subnets or make sure all the computers are registered in DNS. > Are all the computers on the same subnet? Can you post ipconfig /all from > one of the computers you are trying to access from the Vista computer. I don't think it is an issue with DNS routing, but I fixed the configuration of my DSL router to give the correct DNS information so everything is one one subnet again. Here is the updated routing from my failing Vista machine: IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.3.254 192.168.3.11 281 0.0.0.0 0.0.0.0 192.168.3.254 192.168.3.65 30 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.3.0 255.255.255.0 On-link 192.168.3.11 281 192.168.3.0 255.255.255.0 On-link 192.168.3.65 286 192.168.3.11 255.255.255.255 On-link 192.168.3.11 281 192.168.3.65 255.255.255.255 On-link 192.168.3.65 286 192.168.3.255 255.255.255.255 On-link 192.168.3.11 281 192.168.3.255 255.255.255.255 On-link 192.168.3.65 286 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.3.65 286 224.0.0.0 240.0.0.0 On-link 192.168.3.11 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.3.65 286 255.255.255.255 255.255.255.255 On-link 192.168.3.11 281 I think the 192.168.1.x was the default subnet that my router came configured with, but I was already running on 192.168.3.x. Since the router was also the default gateway and would happily route between these domains the change hasn't helped. I agree that it is probably a routing problem - I have lots of trouble with SSH to my Linux box if I use the internal IP address (sometimes it doesn't connect, it always times out after a bit), but if I use its external IP it works fine. Dooferlad
My System Specs