Safe Sharing On The LAN

In Chapter 2, we recommended that you turn off Simple File Sharing on a standalone home PC. While the recommendation still holds if your PC is a standalone machine with just an Internet connection, you may need to turn on Simple File Sharing if you are on a network. Simple File Sharing is standard in XP Home and available in stand-alone non-domain XP Professional systems. XP Professional has the option of using advanced file sharing even if the system is not connected to a domain. File sharing on a network can make things much easier. For example, sharing your MP3 col- lection folder or your family album across multiple computers at home is a much better idea than copying the same files over and over again from one computer to another.

Note that the “Simple” in Simple File Sharing refers to the ease of use in file sharing, and does not mean that the file sharing is technologically inferior to the advanced file sharing in XP Professional. Simple File Sharing hides the complexity of manag- ing users and permissions for newbies.

To turn on Simple File Sharing, go to My Computer > Tools > Options. Select the View tab and check the box that says “Use Simple File Sharing (Recommended)”.

In Simple File Sharing, users have only two options:

❍ Share a folder on the network

❍ Allow users to change files in the shared folder

It is advisable to keep the shared folder in your My Documents folder or on your Desktop: it will be easily accessible, and you can disable sharing at any time you want. To create a shared folder, right-click on an existing folder, or create a new one and then right-click it. Select “Sharing and Security” to open the Sharing tab of the folder’s Properties dialog box. In the “Network sharing and security” section, check the box next to “Share this folder on the network”. However, the files within this folder are read-only,

that is, users cannot change the contents of the file and save it back to the shared folder. To allow network users to change the file contents, check the box next to “Allow network users to change my files”. This will make this folder accessible to whoever browses the network for shared folders.

If you want to give a different name for the shared folder, type in that name in the “Share Name:” field. For example, if your local folder is called “My Music”, you might want to change the name to “Family Music Centre”. To verify that the files have been shared, go to My Network Places and look for the shared folder name, in our case, “Family Music Centre”, under your computer name.

If the sharing option isn’t available, you’ll see a message at the bottom of the Sharing tab, which says that remote connections are disabled until you run the Network Setup Wizard. Run the Wizard to set up your network, then come back to this tab to set up the shared folder.

XP Professional supports more advanced file sharing, which gives you greater control over who can access your files and what each user or user group can do with those files. To use the advanced sharing options, you will first need to turn off Simple File Sharing by doing the reverse of what’s been described above.

As with Simple File Sharing, right-click on the folder you wish to share and select “Sharing and Security”. The sharing tab will look different from the one with Simple File Sharing turned on.

Specify a share name and click Permissions to edit the users or user groups who will have access to this shared folder. Users

(or user groups) can be given full control, permitted to change files, or only given read rights. By default, if the user is not listed in the per- missions list, he will be denied access.

In the permis- sions dialog box, the default listing will be for the “Everyone” group. This allows access to anyone who con- nects to this shared folder.

Select the

Everyone group and click Remove. Next click Add to select the users who can access the folder. In the resulting “Select Users or Groups” dialog box, click “Object Types”. This will open the Object Types dialog box. Clear the checkboxes next to “Built-in Security Principals and Groups”. Ensure that the box next to Users is checked, and click OK.

Now click on Advanced and then Find Now. XP will search the network for users. Select the users to whom you want to give access to the shared folder and click OK. Double-click on each user and determine the permission level— full control, change, or read. “Full con- trol” allows the user to make changes

XP Professional’s Advanced File Sharing

Setting Permissions for different users

and even delete a file; “change” only allows the user to change the contents of a file; and “read” restricts the user to only viewing the contents of the file.

Note that you can only set permis- sions if you are using an NTFS-formatted disk partition.