T
TonyG
I have been reading/working through all of the materials provided about
troubleshooting file and printer sharing problems in Windows XP Pro. It has
been useful to get an understanding of the scope of the
problem, but it has not helped to resolve it. Details of the problem and the
IPCONFIG and BROWSTAT results for the three PCs are below.
What I really need to know at this stage is:
(1) Does Internet Connection Sharing being enabled on a PC change its
security model in any way?
(2) Is there a reasonably simple way to compare security in depth between
two PCs?
My problem is much the same as many others. I have resources on a Win XP Pro
machine (PC1) that I want to share with another XP Pro machine (PC2) and a
Win2K machine (PC3). PC1 runs ICS to share a cable internet connection. PC2
and PC3 connect via an 8-port hub to share this connection and, ideally, its
printer as well.
PC1 can see all shares on PC2 and PC3. PC2 can see the shares on PC3 and
vice-versa. But PC2 and PC3 cannot see the shares on PC1. PC1 shows in
Network Neighborhood but gives the dreaded "Error 5" when you try to see its
shares.
I have tried many of the common 'fixes' suggested on other newsgroups:
- disable simple file sharing
- ensures shares have access by 'Everyone'
- common username/password on all three PCs
- enable the Guest account
- add Netbios over TCP/IP
- ensure a single master browser
- set registry key RestrictAnonymous to '0'
- check for hidden enumeration parameter
- cleaned up the protocol stack
- disabled Windows firewall entirely (no other firewalls)
- even tried adding NETBEUI to the three machines.
The only thing that made any difference was fiddling with some of the
security settings in GPEDIT.MSC, which switched the problem from an Error 5
message to a request for username/password - looked promising, but no
combination was accepted, even administrator sets which are also common on
all three.
Given that PC2 (XP Pro) is able to share its folders with both machines, and
PC1 (XP Pro) is not, I am looking now at the differences in security
settings between the two PCs. But I am concerned that I have fiddled with so
many settings now, I am not sure what is right and what is not any more.
I really need to know if Internet Connection Sharing might complicating the
issue in any way. And I need to directly compare all security settings
between PC1 and PC2 to identify the differences and see if any of these
impact the sharing model.
Sorry if I seem a bit terse, but this problem has been plaguing me for
months now, ever since replacing Win2K Pro with Win XP Pro (both clean
installs, by the way). I was quite surprised when PC2 opened its shares
(after a clean reinstall due to corruption) and it gave me new hope of
finding a solution.
Any help, tips, pointers, things I have not tried, utilities that might
help, etc. would be appreciated. The IPCONFIGS and BROWSTATS for each
machine are reproduced below for information. Some details have been 'xxx'd
for security reasons. The BROWSTAT for PC2 might be very significant...
TonyG
-----------------------------------------------------------------
PC1 - IPCONFIG /all
Host Name . . . . . . . . . . . . : Pentium4
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.net.au
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-0D-61-2B-2A-01
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter XXX Cable:
Connection-specific DNS Suffix . : xxx.xxx.net.au
Description . . . . . . . . . . . : Motorola SURFboard 4200 USB
Cable Modem
Physical Address. . . . . . . . . : 00-0B-06-93-04-47
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : XXX.XXX.XXX.XXX
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : XXX.XXX.XXX.XXX
DHCP Server . . . . . . . . . . . : XXX.XXX.XXX.XXX
DNS Servers . . . . . . . . . . . : XXX.XXX.XXX.XXX
Lease Obtained. . . . . . . . . . : Friday, 16 September 2005
10:38:35 AM
Lease Expires . . . . . . . . . . : Friday, 16 September 2005
4:38:35 PM
--------------------------------------------------------
PC1 - BROWSTAT
Status for domain TONY on transport
\Device\NetBT_Tcpip_{71C01581-E0F7-454D-A309-72388F96200B}
Browsing is active on domain.
Master browser name is: PENTIUM4
Master browser is running build 2600
1 backup servers retrieved from master PENTIUM4
\\PENTIUM4
There are 0 servers in domain TONY on transport
\Device\NetBT_Tcpip_{71C01581-E0F7-454D-A309-72388F96200B}
There are 1 domains in domain TONY on transport
\Device\NetBT_Tcpip_{71C01581-E0F7-454D-A309-72388F96200B}
Status for domain TONY on transport
\Device\NetBT_Tcpip_{53751DDA-A365-40FF-BD49-1F7DCE8BDCAA}
Browsing is active on domain.
Master browser name is: PENTIUM4
Master browser is running build 2600
1 backup servers retrieved from master PENTIUM4
\\PENTIUM4
There are 0 servers in domain TONY on transport
\Device\NetBT_Tcpip_{53751DDA-A365-40FF-BD49-1F7DCE8BDCAA}
There are 1 domains in domain TONY on transport
\Device\NetBT_Tcpip_{53751DDA-A365-40FF-BD49-1F7DCE8BDCAA}
---------------------------------------------------------------
PC2 - IPCONFIG /all
Host Name . . . . . . . . . . . . : packardbell
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mshome.net
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-05-1C-16-13-E6
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.98
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Friday, 16 September 2005
12:39:49 PM
Lease Expires . . . . . . . . . . : Friday, 23 September 2005
12:39:49 PM
----------------------------------------------------------
BROWSTAT for PC2
Status for domain TONY on transport
\Device\NetBT_Tcpip_{1C697756-0ECC-4AB3-B027-2A04DBA2176E}
Browsing is active on domain.
Master browser name is: PENTIUM4
Could not connect to registry, error = 5 Unable to determine
build of browser master: 5
Unable to determine server information for browser master: 5
1 backup servers retrieved from master PENTIUM4
\\PENTIUM4
There are 0 servers in domain TONY on transport
\Device\NetBT_Tcpip_{1C697756-0ECC-4AB3-B027-2A04DBA2176E}
There are 1 domains in domain TONY on transport
\Device\NetBT_Tcpip_{1C697756-0ECC-4AB3-B027-2A04DBA2176E}
troubleshooting file and printer sharing problems in Windows XP Pro. It has
been useful to get an understanding of the scope of the
problem, but it has not helped to resolve it. Details of the problem and the
IPCONFIG and BROWSTAT results for the three PCs are below.
What I really need to know at this stage is:
(1) Does Internet Connection Sharing being enabled on a PC change its
security model in any way?
(2) Is there a reasonably simple way to compare security in depth between
two PCs?
My problem is much the same as many others. I have resources on a Win XP Pro
machine (PC1) that I want to share with another XP Pro machine (PC2) and a
Win2K machine (PC3). PC1 runs ICS to share a cable internet connection. PC2
and PC3 connect via an 8-port hub to share this connection and, ideally, its
printer as well.
PC1 can see all shares on PC2 and PC3. PC2 can see the shares on PC3 and
vice-versa. But PC2 and PC3 cannot see the shares on PC1. PC1 shows in
Network Neighborhood but gives the dreaded "Error 5" when you try to see its
shares.
I have tried many of the common 'fixes' suggested on other newsgroups:
- disable simple file sharing
- ensures shares have access by 'Everyone'
- common username/password on all three PCs
- enable the Guest account
- add Netbios over TCP/IP
- ensure a single master browser
- set registry key RestrictAnonymous to '0'
- check for hidden enumeration parameter
- cleaned up the protocol stack
- disabled Windows firewall entirely (no other firewalls)
- even tried adding NETBEUI to the three machines.
The only thing that made any difference was fiddling with some of the
security settings in GPEDIT.MSC, which switched the problem from an Error 5
message to a request for username/password - looked promising, but no
combination was accepted, even administrator sets which are also common on
all three.
Given that PC2 (XP Pro) is able to share its folders with both machines, and
PC1 (XP Pro) is not, I am looking now at the differences in security
settings between the two PCs. But I am concerned that I have fiddled with so
many settings now, I am not sure what is right and what is not any more.
I really need to know if Internet Connection Sharing might complicating the
issue in any way. And I need to directly compare all security settings
between PC1 and PC2 to identify the differences and see if any of these
impact the sharing model.
Sorry if I seem a bit terse, but this problem has been plaguing me for
months now, ever since replacing Win2K Pro with Win XP Pro (both clean
installs, by the way). I was quite surprised when PC2 opened its shares
(after a clean reinstall due to corruption) and it gave me new hope of
finding a solution.
Any help, tips, pointers, things I have not tried, utilities that might
help, etc. would be appreciated. The IPCONFIGS and BROWSTATS for each
machine are reproduced below for information. Some details have been 'xxx'd
for security reasons. The BROWSTAT for PC2 might be very significant...
TonyG
-----------------------------------------------------------------
PC1 - IPCONFIG /all
Host Name . . . . . . . . . . . . : Pentium4
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : Yes
DNS Suffix Search List. . . . . . : xxx.xxx.net.au
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-0D-61-2B-2A-01
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
Ethernet adapter XXX Cable:
Connection-specific DNS Suffix . : xxx.xxx.net.au
Description . . . . . . . . . . . : Motorola SURFboard 4200 USB
Cable Modem
Physical Address. . . . . . . . . : 00-0B-06-93-04-47
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : XXX.XXX.XXX.XXX
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Default Gateway . . . . . . . . . : XXX.XXX.XXX.XXX
DHCP Server . . . . . . . . . . . : XXX.XXX.XXX.XXX
DNS Servers . . . . . . . . . . . : XXX.XXX.XXX.XXX
Lease Obtained. . . . . . . . . . : Friday, 16 September 2005
10:38:35 AM
Lease Expires . . . . . . . . . . : Friday, 16 September 2005
4:38:35 PM
--------------------------------------------------------
PC1 - BROWSTAT
Status for domain TONY on transport
\Device\NetBT_Tcpip_{71C01581-E0F7-454D-A309-72388F96200B}
Browsing is active on domain.
Master browser name is: PENTIUM4
Master browser is running build 2600
1 backup servers retrieved from master PENTIUM4
\\PENTIUM4
There are 0 servers in domain TONY on transport
\Device\NetBT_Tcpip_{71C01581-E0F7-454D-A309-72388F96200B}
There are 1 domains in domain TONY on transport
\Device\NetBT_Tcpip_{71C01581-E0F7-454D-A309-72388F96200B}
Status for domain TONY on transport
\Device\NetBT_Tcpip_{53751DDA-A365-40FF-BD49-1F7DCE8BDCAA}
Browsing is active on domain.
Master browser name is: PENTIUM4
Master browser is running build 2600
1 backup servers retrieved from master PENTIUM4
\\PENTIUM4
There are 0 servers in domain TONY on transport
\Device\NetBT_Tcpip_{53751DDA-A365-40FF-BD49-1F7DCE8BDCAA}
There are 1 domains in domain TONY on transport
\Device\NetBT_Tcpip_{53751DDA-A365-40FF-BD49-1F7DCE8BDCAA}
---------------------------------------------------------------
PC2 - IPCONFIG /all
Host Name . . . . . . . . . . . . : packardbell
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Mixed
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mshome.net
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : mshome.net
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast
Ethernet NIC
Physical Address. . . . . . . . . : 00-05-1C-16-13-E6
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.0.98
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.1
Lease Obtained. . . . . . . . . . : Friday, 16 September 2005
12:39:49 PM
Lease Expires . . . . . . . . . . : Friday, 23 September 2005
12:39:49 PM
----------------------------------------------------------
BROWSTAT for PC2
Status for domain TONY on transport
\Device\NetBT_Tcpip_{1C697756-0ECC-4AB3-B027-2A04DBA2176E}
Browsing is active on domain.
Master browser name is: PENTIUM4
Could not connect to registry, error = 5 Unable to determine
build of browser master: 5
Unable to determine server information for browser master: 5
1 backup servers retrieved from master PENTIUM4
\\PENTIUM4
There are 0 servers in domain TONY on transport
\Device\NetBT_Tcpip_{1C697756-0ECC-4AB3-B027-2A04DBA2176E}
There are 1 domains in domain TONY on transport
\Device\NetBT_Tcpip_{1C697756-0ECC-4AB3-B027-2A04DBA2176E}