XP AND 2000

Guest

Hello to everyone,

This is just a general question really.

I came across a network setup with the following:-

• NT4 Server
• Windows XP machines
• Windows 2000 PC
• Windows 98 Machines

Basically, all PCs except the Windows 2000 machine are on the domain. The
Windows 2000 PC is on a workgroup, the same name as the domain.

Let's assume, the following:-

• Windows XP machine = XP-A (domain)
• Windows XP machine = XP-B (domain)
• Windows 2000 = 2000-C (workgroup)

My questions really are:-

1. The Windows 2000 PC can see some of the other PCs in ‘my network places’
but not all of them. All other PCs are on a domain. Is this because some of
the other PCs are turned off or can this still happen?

2. Also, all PCs from the XP machines can be seen in ‘my network places’ but
none of them can be pinged!!!

3. When XP-A tries to access resources on XP-B in ‘my network places’ all is
fine. When XP-B tries to access resources on XP-A in ‘my network places’ it
throws up a username and password box. The username is greyed out with a
guest account.

4. Finally, why is it that even when a PC is not on a domain i.e. on a
workgroup, it can still view resources on the domain. I thought the whole
point of a domain was security etc and authentication. This confuses me.

Many thanks to all who take their time to answer and view my questions,
Jeff
 
Steven L Umbach

Reply inline.

jeffuk123 said:
Hello to everyone,

This is just a general question really.

I came across a network setup with the following:-

• NT4 Server
• Windows XP machines
• Windows 2000 PC
• Windows 98 Machines

Basically, all PCs except the Windows 2000 machine are on the domain. The
Windows 2000 PC is on a workgroup, the same name as the domain.

Let's assume, the following:-

• Windows XP machine = XP-A (domain)
• Windows XP machine = XP-B (domain)
• Windows 2000 = 2000-C (workgroup)

My questions really are:-

1. The Windows 2000 PC can see some of the other PCs in 'my network places'
but not all of them. All other PCs are on a domain. Is this because some of
the other PCs are turned off or can this still happen?

Well yes if a computer is turned off it will eventually disappear from the
browse list. The whole browse list thing is kind of flaky and there
could be other reasons. Use ping and computer IP to establish connectivity
between computers assuming a firewall, tcp/ip filtering or ipsec policy is
not blocking access.

2. Also, all PCs from the XP machines can be seen in 'my network places' but
none of them can be pinged!!!

It sounds like the XP Firewalls are enabled, a third-party
firewall/protection application, or an ipsec policy. Using the support tool
netdiag will show advanced networking configuration including if an ipsec
policy is enabled. You can use the command netsh firewall show state on an
XP computer to see firewall status.

3. When XP-A tries to access resources on XP-B in 'my network places' all is
fine. When XP-B tries to access resources on XP-A in 'my network places' it
throws up a username and password box. The username is greyed out with a
guest account.

It sounds like simple file sharing is enabled on XP-A. You can use Windows
Explorer and look in tools/folder options/view for the last option "use
simple file sharing" to see if it is enabled or not. That would be unusual
on a domain computer because simple file sharing is disabled when an
XP Pro computer is joined to the domain.

4. Finally, why is it that even when a PC is not on a domain i.e. on a
workgroup, it can still view resources on the domain. I thought the whole
point of a domain was security etc and authentication. This confuses me.

"Viewing" in My Network Places is a function of the browse list and uses
netbios over tcp/ip and broadcasts. If the computers are on the same network
then it is very possible that they all will show up. However seeing does not
necessarily mean access. If users in the workgroup can access shares and the
files in them for domain computers then either those workgroup users have a
user account in the domain, know logon/password of a domain account, or there
is very poor security on the domain computers such as simple file sharing
being used or the guest account enabled and everyone permissions are granted
to shares and the folders in the shares. Using an Active Directory domain can
simplify management of users/groups, security policies, Group Policies, etc
but does not guarantee good security. However with some planning it is fairly
easy to secure resources in a domain. --- Steve
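
The checks named in the reply above, collected into one read-only batch file (an added example, not part of either post). It assumes an English-language Windows XP installation, an administrator command prompt, and netdiag installed from the Windows Support Tools; the file name audit-xp.cmd is hypothetical.

```batch
@echo off
rem audit-xp.cmd (hypothetical name): added example, not from the thread.
rem Read-only checks for the causes named in the reply. Run locally on each
rem XP machine (for example XP-A) from an administrator command prompt.

echo === Windows Firewall state (explains "visible but cannot be pinged") ===
netsh firewall show state

echo === IPsec policy (netdiag comes from the Windows Support Tools) ===
netdiag /test:ipsec

echo === Simple file sharing / forced guest logon ===
rem forceguest = 0x1: every network logon is mapped to Guest, which is the
rem greyed-out Guest prompt described in question 3.
rem forceguest = 0x0: classic model, users authenticate as themselves.
set FG=unknown
for /f "tokens=3" %%v in ('reg query "HKLM\SYSTEM\CurrentControlSet\Control\Lsa" /v forceguest ^| findstr /I "forceguest"') do set FG=%%v
echo forceguest = %FG%
if "%FG%"=="0x1" echo WARNING: network logons are forced to Guest on this machine

echo === Guest account status ===
rem The string match assumes English-language output from "net user".
net user guest | findstr /C:"Account active"
net user guest | findstr /C:"Account active" | findstr /I "Yes" >nul
if not errorlevel 1 echo WARNING: the Guest account is enabled

echo === Shares offered by this machine ===
rem Review each listed share for Everyone permissions on the share and folder.
net share
```

A domain-joined XP Pro machine is expected to report forceguest = 0x0 and a disabled Guest account; a machine that reports otherwise matches the "very poor security" case described in the answer to question 4.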
 
