Windows XP Sharing Resources

  • Print Article |
  • Send to a Friend |
  • |
  • Add to Google |

In the olden days, the 1980s in PC years, computers were stand-alone. There was only one way to share information, and that was to copy it from one computer to floppy disk, and then copy the information from the floppy disk onto another computer. Keeping information synchronous on all computers was difficult.

Networking changed all of that. By being able to share the information stored on one computer, corruption of data was lessened and the information disseminated was uniform.

Creating Folders
Folders can be shared on any volume, whether they are partitioned as FAT, FAT32, or NTFS. It is quite simple to share a folder. In Windows Explorer, right click the folder you wish to share. From the shortcut menu, select Sharing and Security.... A dialog box will appear.

NOTE: If the volume is FAT or FAT32, the Security tab will not exist.

Select the radio button Share this folder. You will be prompted for a name for the share. Choose a name that is user-friendly, one that clearly identifies the contents. It is also considered good convention to keep the share name to eight characters or less, in case some of the systems that will be accessing your share cannot read long filenames. You can allow unlimited access to your shared folder, or you can limit the number of users who can access the folder at one time.

Once you have created the share and applied it, you can share the same folder again using a different share name. For example, you can share the folder in the English and French variations of the share name.

With Windows XP, there is another way to create shares, within the Computer Management console. Using Shared Folders, you can view the connections and resource usage for the local machine as well as remote resources. Shared Folders replaces the resource-related components found in Server in Control Panel in Windows NT 4.0.

Control access with permissions
By default, the Everyone group has full control on a shared folder. What that means is that any authenticated user can read, modify, delete, or change permissions on a folder accessed remotely from the network. By controlling access through permissions, you can restrict who can read or change the documents you share.

On a FAT or FAT32 volume, share security is the only security available for the folder. You cannot put local security, that is, restrictions on who can access information when they are seated at your computer, on a FAT volume.

There are three levels of security on a shared folder - Read, Change, and Full Control. All files in the folder have the same permission as the parent folder - you cannot secure a share down to the file level. Any subfolders or files beneath the root share will all hold the same permissions. Read permission allows a user to view the contents of the folder and to read any document in the folder, as well as execute a program (RX).

Change permission has the full Read permission with the additional permission to write to the file/folder or delete the folder or any file in the folder (RWXD). Full control allows the user Read, Write, Execute and Delete permissions, as well as the ability to change the permission on the folder.

By default, when you share a folder, the permissions are such the Everyone group has read access to the share.

Allowing or denying these three permissions can implement security. As with NTFS, you can also not specify an "allow" or "deny" for any permission. An individual's permission is calculated in the same fashion as well. All specified allow permissions for the username and groups in which the user is a member of are totaled, and then the deny permissions are removed. If a user has Change permission by virtue of membership in one group, but has Read permission denied by membership in another group, this user is going to be in the interesting position of being able to write to a folder and delete items in a folder, but be unable to read the contents of the folder or execute a program. That's a very good reason why you should plan carefully before implementing permissions.

Because NTFS permissions are also applicable on remote connection, that is, when accessing data stored on an NTFS volume through a shared folder, you may find yourself combining both types of permissions. Keep in mind how permissions are handled. All explicitly allowed permissions are tallied and then the permissions explicitly denied permissions are removed.

Combining the security of NTFS with the ability to share the data across the network gives you an ability to tightly control access to data.

Let's go back to George, who is a member of the Marketing and Sales group. We'll list his access permissions to the Information folder and calculate his effective permission.

USER/GROUP    NTFS PERMISSION     SHARE PERMISSION
George             Not specified             Not specified
Marketing         Group Read  (allow) Write (allow) Change (RWXD)
Sales Group Modify Change (RWXD)

Given this bit of information, can find that George has Change access through the share, and Modify access through the NTFS partition. With this, George can perform the same tasks both locally and remotely.

Let's change the permissions on the share.
USER/GROUP     NTFS PERMISSION     SHARE PERMISSION
George              Not specified            Not specified
Marketing Group Read (allow) Write (allow) Read (RX)
Sales Group Modify Read (RX)

Now, George's NTFS permissions have remained the same, granting him Modify access. However, the share permissions have changed, granting him only Read permission. With this setup, George would have Read permission over the network, and Modify access locally.

Connecting to Shared Resources
In the previous section, we discussed the ability to share information across the network. This section will show you the various methods on gaining access to those shared resources.

Map a Network Drive
You can connect to a shared resource by mapping the network drive to a logical drive letter. The shared resource can then be accessed as if it were a local drive. Mapping a network drive can be done in Windows Explorer by locating the shared resource and right clicking it in the tree pane. A shortcut menu appears with the choice Map Network Drive. You can also map a network drive by right-clicking My Network Places and accessing a similar shortcut menu that allows network drive mapping.

My Network Places
You can also access a shared resource by browsing through My Network Places. The advantage of doing this is when you wish to access a resource, but do not want to establish a mapping.

Start | Run
The Start | Run command can be used to access shared resources. The syntax is: \\Computername\sharename (e.g. \\myComputer\testshare).

If you are having trouble finding the computer, you can replace the computer name with its IP address. The syntax is: \\IPAddress\Sharename (e.g. \\192.168.17.22\testshare).

NET USE
The NET USE command utility dates back to the days of DOS. At the command prompt, type NET USE x: \\computername\sharename to connect to the resource (e.g.: NET USE G: \\JOHNSCOMPUTER\JOHNSSHARE).

Deborah Timmons is a Microsoft Certified Trainer and Microsoft Certified Systems Engineer. She came into the Microsoft technical field after six years in the adaptive technology field, providing technology and training for persons with disabilities. She is the President and co-owner of Integrator Systems Inc.

Rate this Article:
  • Article Word Count: 1176
  • |
  • Total Views: 872
  • |
  • permalink
  • Print Article |
  • Send to a Friend |
  • |
  • Add to Google |
>