Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#242156 - 21/11/2004 18:18 Accessing shared machine at home??
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
I've got a few Windows (XP) machines at home living quite happily and able to see each others shared volumes. I can even see all these volumes from my Mac. The Windows machines all belong to the same workgroup.

However, I can't see the Windows machines from my girlfriend's Windows XP notebook. Her machine is configured to be part of a domain, not workgroup (remember the story of me trying to temporarily changing that back in March?) Changing it to be part of my workgroup is out of the question. Her machine is able to access the internet over its wireless connection.

Another (unrelated PITA) is that to connect to my WiFi router, I have to disable a couple of VPN-related things from her wireless profile (Odessey client and some EAC thing) - otherwise the machine won't connect (but doesn't give an error). This all has to be enabled again to connect at work.

Any help appreciated.
Bruno
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#242157 - 21/11/2004 18:46 Re: Accessing shared machine at home?? [Re: hybrid8]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Most commonly, the reasons a given person can't access a share on an NT/2K/XP box are:

1. The networking feature "NetBios over TCP/IP" has been disabled on either the client or server. It's pretty far buried in the network properties.

2. The server has disabled the user account named "Guest". (This is normally disabled by default.) If the share is set with permissions like this...

UserOne: Read/Write
UserTwo: Read/Write
Everyone: Read

... then someone who isn't UserOne or UserTwo automatically connects with the account name of "Guest". So if you've disabled "Guest", then they can't access the share.
_________________________
Tony Fabris

Top
#242158 - 21/11/2004 18:49 Re: Accessing shared machine at home?? [Re: tfabris]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Oops, forgot one:

3. The windows XP firewall feature is turned on and is blocking windows shares. It's possible to configure it to allow windows shares without disabling it completely.
_________________________
Tony Fabris

Top
#242159 - 21/11/2004 19:02 Re: Accessing shared machine at home?? [Re: hybrid8]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
What happens if you do this on her machine? Start - Run - \\192.168.0.1\ ? (Replace the IP with one of your machines containing a share). It should pop up a box asking for a username and password. What works best is to do MACHINENAME\username for the username, so her machine doesn't try to get the domain involved.

Top
#242160 - 21/11/2004 23:40 Re: Accessing shared machine at home?? [Re: hybrid8]
Jerz
addict

Registered: 13/07/2002
Posts: 634
Loc: Jesusland

Top
#242161 - 22/11/2004 01:19 Re: Accessing shared machine at home?? [Re: Jerz]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Quote:
Mobile Net Switch

Hmm, interesting program. Might have to recommend it to a few people here at work that go back and forth. I used to do that on my PC laptop and used a batch file that tried to copy a file off a server local to a LAN. Depending on what it got back it would set up proxies and such.

OS X, I hit Apple, and Location.

Top
#242162 - 22/11/2004 05:15 Re: Accessing shared machine at home?? [Re: drakino]
gbeer
carpal tunnel

Registered: 17/12/2000
Posts: 2665
Loc: Manteca, California
Apple has been cool that way for a long time, even before X came out.
_________________________
Glenn

Top
#242163 - 22/11/2004 06:32 Re: Accessing shared machine at home?? [Re: hybrid8]
genixia
Carpal Tunnel

Registered: 08/02/2002
Posts: 3411
Quote:
Another (unrelated PITA) is that to connect to my WiFi router, I have to disable a couple of VPN-related things from her wireless profile (Odessey client and some EAC thing)

I don't know about Odessey but EAC is probably Extranet Access Client, which is the VPN client software used to connect to Nortel Contivity VPN gateways. It has likely been configured to lock out connections from any IP except the VPN gateway and also to lock out connections on any interface except the 100baseT ethernet port. This would be a common security setting for EAC - it prevents back door attacks into a corporate network if someone hacks your girlfriend's computer via wireless, and also prevents trojan software acting as a gateway between a remote attacker and the corporate network. Unfortunately it is also user-unfriendly, but there will be little that you can do to prevent that. The question is why is EAC activating that setting automatically at boot? It should only do that when a VPN connection is made.
_________________________
Mk2a 60GB Blue. Serial 030102962 sig.mp3: File Format not Valid.

Top
#242164 - 22/11/2004 13:17 Re: Accessing shared machine at home?? [Re: drakino]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
I just wish that Apple->Location would also change the menubar network icons. I don't really want to see modem status when I'm working over ethernet or vice versa.
_________________________
Bitt Faulk

Top
#242165 - 22/11/2004 14:56 Re: Accessing shared machine at home?? [Re: hybrid8]
jmwking
old hand

Registered: 27/02/2003
Posts: 777
Loc: Washington, DC metro
Here's one possible solution which I used to resolve a similar problem. YMMV

Are you using Simple File Sharing (the XP default)? In Windows Explorer, select Tools, Folder Options, View and uncheck "use simple file sharing..." at the bottom of the Advanced area.

You'll then need to grant new user or group shares for everyone in the workgroup to not break their access (or at least I did when I made a similar change).

Either create a traditional "guest" userid and password, or create individual userids on your computer that match all the userids on the computers in your workgroup and one for your girlfriend. Being a paranoid computer type, I'm all for the latter option.

If you chose the latter option, create a "sharing" group, and add all the workgroup userids and your girlfriend's new userid. Using the latter method, you can also share specific resources on a userid by userid basis, as needed.

Share the resources with the guest id or the group (depending on which way you went), granting whatever rights you want them to have (I think "full control" is the default for simple file sharing).

It should prompt her for her userid on connecting. If you use the same userid as her work userid, she may have to name herself as "workgroupname\userid" rather than just "userid".

-jk

Top
#242166 - 22/11/2004 15:30 Re: Accessing shared machine at home?? [Re: hybrid8]
DWallach
carpal tunnel

Registered: 30/04/2000
Posts: 3810
On a related but unrelated note, I've been an SBC DSL customer for several years now, paying extra for 5 static IP addresses, so I can get to my home machine from wherever. In practice, I find that I don't really use it that way very often, particularly because (for whatever reason) wake-on-LAN packets seem not to work. More on that in a minute. Meanwhile, because I was able to get those IP addresses to reverse-map to DNS names at Rice, it means that I can get into services like the ACM and IEEE library, for which Rice buys site licenses.

Right now, I'm getting 1.5Mb down and 128kb upstream bandwidth. SBC has a new promotion that could give me double that for a very reasonable price, but with dynamic IP. I can't justify the price that would give me extra bandwidth and let me keep my static IP addresses. I'm apparently very close to my CO, so I have a high chance of actually achieving that higher bandwidth (although I'd probably have to get a newer DSL modem to replace my ancient Alcatel box).

Would the extra bandwidth be nice? Occasionally yes, particularly for uploads, mostly no. It wouldn't be enough for X or NFS to become feasible, although VNC might start looking very attractive. (Mostly, I just work with local files and sync things with CVS over ssh.) Would the loss of the ACM and other libraries be a pain? I think there's an on-campus web proxy server that I could configure my browser to use for these things, so I could work around the problem. What about getting at the home machine from work? It's just not something I really ever need to do.

I could try to repair the wake-on-LAN issue to make my machine remotely wake-up-able again. The issue seems to have something to do with the NAT functionality of my Linksys WRT54G. If I make the internal and external IP addresses be the same, then wake-on-LAN starts working again, but I want to have potentially more than five devices at a time on the internal network. Right now, I'm running the Linksys with stock firmware, but maybe all of the free software add-ons would improve the situation.

Any thoughts on services like dyndns.org? Could a hacked Linksys box keep me accessible, even with the main machine asleep during the day?

Top
#242167 - 22/11/2004 18:30 Re: Accessing shared machine at home?? [Re: DWallach]
mcomb
pooh-bah

Registered: 31/08/1999
Posts: 1649
Loc: San Carlos, CA
Quote:
Any thoughts on services like dyndns.org


I've been using dyndns.org's free service for at least 4 years. In that time they've had one annoying outage of a day or so. The rest of the time its worked flawlessly. I'm very happy with the service, its saved me the $5 or $10 a month that I would have payed for a static IP all this time. I've used it with internet access from Comcast, SBC, Verizon, Sonic.net, and even Ricochet before they went belly up and never had a problem. Highly recommended.

-Mike
_________________________
EmpMenuX - ext3 filesystem - Empeg iTunes integration

Top
#242168 - 22/11/2004 19:31 Re: Accessing shared machine at home?? [Re: mcomb]
JBjorgen
carpal tunnel

Registered: 19/01/2002
Posts: 3584
Loc: Columbus, OH
Ditto
_________________________
~ John

Top
#242169 - 22/11/2004 20:30 Re: Accessing shared machine at home?? [Re: mcomb]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
As an aside, if you have a selection of your own domain names, eNom's namecheap.com reseller offers DDNS for free on your own domain name. DynDNS requires you to use one of their TLDs as far as I recall, unless you pay.

Now I just need to get the SVEASOFT firmware on the WRT54G to use namecheap.com's DDNS URL instead of the ones it currently has built-in support for...

Bruno
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#242170 - 22/11/2004 20:52 Re: Accessing shared machine at home?? [Re: hybrid8]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
So did you end up solving the problem with the share? What did it turn out to be?
_________________________
Tony Fabris

Top
#242171 - 22/11/2004 22:48 Re: Accessing shared machine at home?? [Re: tfabris]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
Won't get to try the laptop until at least tomorrow. I'm very curious to try the software suggested above to manage different profiles though. It might be necessary even if my "server" machine is set up correctly.

The only NetBIOS protocol I have is NWLink NetBIOS - it's not currently installed.

I do have Guest disabled. I suppose it's not a security risk to have it enabled though. What I did was just create a user account for my girlfriend. That way she can log in herself as I have my shares set with allow access to "everyone" who has an account on that machine. The hurdle is to even have my machine visible to hers (with or without specifying the workgroup)

Bruno
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#242172 - 22/11/2004 23:23 Re: Accessing shared machine at home?? [Re: hybrid8]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Quote:
The only NetBIOS protocol I have is NWLink NetBIOS - it's not currently installed.

No, what I was talking about is not a protocol. It's a checkbox deep within the property pages of the TCP/IP protocol. If it's unchecked on either the client or the server, it will prevent someone from accessing the server's Windows shares.

Actually on recent Windows computers it's not a checkbox, it's a radio button giving three options:

- Disable
- Enable
- Automatic based on the DHCP server

If it's either disabled or it's set to Auto and the DHCP server disables it, then you'll get the problem you describe.

I don't know where the setting lies in Windows XP, but in Windows 2000 it's Control Panel, Network and Dial Up connections, Local Area Connection (rtclick get properties), select the TCP/IP protocol and get Properties, select the Advanced button, select the WINS tab. It's there at the bottom.
_________________________
Tony Fabris

Top
#242173 - 23/11/2004 00:35 Re: Accessing shared machine at home?? [Re: tfabris]
Jerz
addict

Registered: 13/07/2002
Posts: 634
Loc: Jesusland
Quote:
I don't know where the setting lies in Windows XP, but in Windows 2000 it's Control Panel, Network and Dial Up connections, Local Area Connection (rtclick get properties), select the TCP/IP protocol and get Properties, select the Advanced button, select the WINS tab. It's there at the bottom.


...basically the same place in xp.


Attachments
241520-tcpip.JPG (118 downloads)


Top
#242174 - 23/11/2004 13:22 Re: Accessing shared machine at home?? [Re: tfabris]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
You should have said it was inside WINS. I have it set to Auto. I'll try it tonight and then play with manually turning it on to see if it makes a difference.

I'll likely still have to use the other profile tool, if ony to avoid having to enable/disable the odessey client and other VPN component each time she wants to connect to the net at home.

Bruno
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#242175 - 23/11/2004 14:16 Re: Accessing shared machine at home?? [Re: hybrid8]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Quote:
I'll try it tonight and then play with manually turning it on to see if it makes a difference.

Remember that both the client and the server need it on, and also the other two criteria I listed must be met as well (on both the client and the server).
_________________________
Tony Fabris

Top
#242176 - 23/11/2004 16:31 Re: Accessing shared machine at home?? [Re: tfabris]
hybrid8
carpal tunnel

Registered: 12/11/2001
Posts: 7738
Loc: Toronto, CANADA
Well as far as #3 (Windows Firewall) I do have it enabled, but it's not blocking shares. I can access shares from my Mac and my other XP system (which is part of the same workgroup).

And I've still got Guest disabled, but created an account for her (which has access to the shares). I'd like to test this out before enabling Guest. I wanted to have a password for guest, but that's really just like making another normal account, isn't it?

To be truthful, this all started because I was farting around with her machine again and locked her out. Hehehe. Oops. Must remember not to remove the domain.

Bruno
_________________________
Bruno
Twisted Melon : Fine Mac OS Software

Top
#242177 - 23/11/2004 16:57 Re: Accessing shared machine at home?? [Re: hybrid8]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
Quote:
but created an account for her (which has access to the shares).


Okay, that will work but the thing is, she's gotta authenticate with *YOUR BOX* not with the domain. Here's how that works...

When she's part of a domain, her account is part of that domain's database. So the account name is more than just her name, it's the domain PLUS her name, like this:

GirlfriendsDomain\Girlfriend

When she goes to log on to YOUR server, if you don't specify the domain, then it'll assume "GirlfriendsDoman" and not your server. The domain must be the name of bruno's server when she logs in to your server, like so:

BrunosServer\Girlfriend

When the time comes to connect to your server, she'll get prompted in one of two ways. It'll either ask for:

Username:
Password:
Domain:


Or it might just ask for:

Username:
Password:


If it asks for all three, then you log in as:

Username: Girlfriend
Password: GirlfriendsPassword
Domain: BrunosServer


If it only asks for the two, then you log in as:

Username: BrunosServer\Girlfriend
Password: GirlfriendsPassword


That way, it's not confused as to which domain the account is coming from and can log her in without complaining.
_________________________
Tony Fabris

Top