Hi,
After having problems myself, and reading all sorts of answers from all sorts of people here and elsewhere in google, and after trying some of those solutions, I’ve come to realize the entire process of making this work, i.e. – The ability to access resources from every machine to every other machine on you local network using the Workgroup method, installed with either Win9x/2000/XP, without having any “you must supply a password to make this connection”‘s, or “No permission to access resource”‘s or whatever.
Here it is:
———–
1. Make sure you have all the network protocols and clients setup fine (i.e. Tcp/IP, Client for Microsoft Networks & File and Printing Sharing – these are the defaults).
2. If you don’t have a router/gateway or a Cable/ADSL modem that acts like one, then you probably don’t have DHCP server, so you have to assing each machine on the network a unique IP, in the same subnet, you can use 192.168.0.X, where X will go up from 1 to whatever. Have the subnet mask be 255.255.255.0. Put the default gateway as the machine which has the connection to the Internet (modem).
3. On WinXP, un-check “Use simple file sharing (Recommended)” in
Explorer->Tools->Folder Options->View. Although MS recommends it, it
is not recommended by me, this way you’ll have more power in defining your shared (as you already have in Win2000).
4. On Win2000/XP you’ll have to create all the users on the network, cause they dont allow un-authorized access.
Tip: Leave password empty, and make sure the other machines (Win9X’s) log on to those users with empty passwords. To make things short, have all the users in you local network logon with passwords blank, and define them as such on all the Win2000/XP’s you have.
Of course this is a SECURITY HAZARD, since your 2000/XP machines can be accessed with those users easily from the internet (noticed i didn’t mentioned the Win9x’s ?, that’s because they are not secured anyhow, and there’s nothing that you can do about it), that’s why you need to make sure you are protected with a firewall by your ISP, or your ADSL/Cable modem has one (my Alcatel Pro does).
If not, you can use the Firewall feature on your WinXP:
The shared internet connection has to be on that machine!
On Network Connections->(your internect
connection)->Properties->Advanced:
Check “Internet connection firewall”
Check “Internet connection sharing”
5. Make shares as you like:
On Win9X:
(Right click on a folder or driver)->Sharing…
Name the share in “Share as”, set access to “Full” or “Read-Only”.
On Win2000/XP:
(Right click on a folder or driver)->Sharing and Security:
Check “Share this folder” (or if already shared as C$ for example, use “New Share”), name the share, make sure the “Premissions” is OK – full access or limited as you like to “Everyone” or to the users you’ve defined.
6. ON WINDOWS XP – DISABLE “ACOUNTS: LIMIT LOCAL ACOUTN USE OF BLANK PASSWORDS TO CONSOLE LOGON ONLY”, IN Control Panel->Administrative
Tools->Local Security Policy->Local Policies->Security Options. This
one is a real pain in the ass.
7. Again, On Windows XP – Disable the “Internet connection firewall”
on your LAN, from Network Connections->Local Area
Connection->Properties->Advanced
(the same one I advised enabling for the Internet connection).
NOTE: If you don’t have a Firewall on your modem or in your ISP, and your modem acts as a gateway (connected to your hub, as any other machine on your LAN), then you will not have any protection at all!!!, since “Internet connection firewall” on the XP has to be disabled for the other machines on the LAN to access its shares, not to mention that those Win2000/9x machines, cannot be protected in any way (the best case is having the XP protect itself, and not allowing others to use its shares, the worst case is having no protection at all).
There are some commercial software products in the market that can be installed on each of those machines, and supply an individual firewall for every machine, but you’ll have a great deal of work setting them to allow LAN machines connect shares, and external machines not.
That’s it!!!
Having each Win9x login as a certain user (can even be automatically in 98 and up, using Family Logon, or using blank password), and those users defined in the Win2000/XP machines, they can access shares on those machine freely (even to c$ if they are defined in the Administrators group – not advised).
I hope i remembered everthing, but if anybody feels i left something out, you’re welcomed to note me, and I’ll repost this.