Solved

Windows XP Simple File Sharing & Novell Workstation Manager

Posted on 2004-10-27
1,067 Views
Last Modified: 2013-12-03
OK, here's a little brain-teaser for those who thinks he already knows this subject inside & out.

Scenario:
Roaming Profile is enabled on the Novell 6.0 server.  The client has the Novell Client 4.9sp1 installed with the Novell Workstation Manager making this "roaming" feature possible on Windows XP.

My Goal:
To turn off Windows XP SIMPLE FILE SHARING for good which is turned on by default everytime a logoff is made by a Novell Roaming Profile User Account.  And Yes, it is a workgroup environment (non-domain) where SFS is turned on by default.

Why am I trying to turn Simple File Sharing off?
Since it prevents you from connecting to the workstation's admin share remotely. Such as \\computername\c$


So any "experts" out there who can offer solid advice???
0
Question by:exhaust
    11 Comments
     
    LVL 40

    Accepted Solution

    by:
    How about a batch file that disables SFS?

    http://www.jsiinc.com/SUBO/tip7200/rh7286.htm

    The syntax for using NoSFS.bat is:

    NoSFS ComputerName1 [ComputerName2 ... ComputerNamen]

    where ComputerNameX is a Windows XP Professional computer name in your network.

    NoSFS.bat contains:

    @echo off
    If {%1}=={} @echo Syntax: NoSFS ComputerName1 [ComputerName2 ... ComputerNamen]&goto :EOF
    setlocal
    :Next
    if {%1}=={} endlocal&goto :EOF
    set computer=%1
    shift
    set computer=%computer:"=%
    set key="\\%computer%\HKLM\SYSTEM\CurrentControlSet\Control\Lsa"
    if /i "%computername%" EQU "%computer%" set key="HKLM\SYSTEM\CurrentControlSet\Control\Lsa"
    @echo reg add %key% /v forceguest /t REG_DWORD /d 00000000 /f
    reg add %key% /v forceguest /t REG_DWORD /d 00000000 /f
    @echo.
    goto :Next
    0
     
    LVL 12

    Expert Comment

    by:alandc
    Have you tried a local admin logon to disable SFS so the default local is "turned OFF by default"?
    0
     
    LVL 12

    Expert Comment

    by:alandc
    If I understand however "simple sharing" only permits Guest-based connections (no password).

    The system automatically creates hidden "administrative shares" for its logical drives C:, D:, and so forth which it names C$, D$ and so forth. It also creates the admin$ hidden share for to the \winnt folder. These shares are designed for remote access support by domain administrators. By default, if you delete these admin shares, they will be recreated when you reboot. To disable permanently so they will not be recreated on the next reboot, use the following Windows NT / Windows 2000 / Windows XP registry hack:

    Hive: HKEY_LOCAL_MACHINE
    Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
    Name: AutoShareServer for servers
    Name: AutoShareWks for workstations
    Type: REG_DWORD
    Value: 0

    http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q314984
    0
     
    LVL 40

    Expert Comment

    by:Fatal_Exception
    It is really not recommended that you disable the administrative shares...  At least, as far as this administrator is concerned..   Just my opinion, of course..  :)

    There is a reg hack that will also do disable SFS:

    ;Do not use Simple File Sharing
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "forceguest"=dword:00000000
    0
     
    LVL 3

    Author Comment

    by:exhaust
    Alandc and Fatal Exception,

    Yes, I have tried local admin logon to disable Simple File Sharing.    You're starting to miss the point to the "goal".  I'm not trying to disable the administrative shares.

    If you guys wanna try connecting to \\computername\c$ while SFS is turned on, you'll get as far as the prompt for the admin username and password but you'll never access the C:\ drive remotely.

    However, disabling SFS allows you to access \\computername\c$ no problemo!  And make it act more like Windows 2000.

    0
     
    LVL 40

    Expert Comment

    by:Fatal_Exception
    I think that was what I was trying to point out in my post...  did you try that reg hack or the script yet?
    0
     
    LVL 12

    Expert Comment

    by:alandc
    ditto,

    At your logon prompt click "workstation" and logon locally and set your desired settings (reg hack or script)?

    Does that stick after a Novell logon/logoff?
    0
     
    LVL 12

    Expert Comment

    by:alandc
    BTW,
    I do understand what you are trying to do.
    It's similar to this question.
    http://www.experts-exchange.com/Q_20984418.html

    only with the added complication that NOVELL services keeps turning it back on.

    My idea is that having it OFF in the admin/default profile with somehow retrian the NOVELL client not to turn it back on.

    I have already searched the Novell Knowledgebase trying to find a clue there too.
    0
     
    LVL 40

    Expert Comment

    by:Fatal_Exception
    I would think that setting the script to run after Novell has authenticated should do the trick...  
    0
     
    LVL 3

    Author Comment

    by:exhaust
    I haven't tried your script yet.  But I will just join it to an Active Directory Domain where SFS is still turned on but you can connect to the admin share for some funny reason.

    Appreciate your suggestion on doing the script thing though.  Although that will really complicate my situation.

    Thanks to everyone's word of advice
    0
     
    LVL 40

    Expert Comment

    by:Fatal_Exception
    Thanks, and a Happy New Year to you and yours!

    FE
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Lean Six Sigma Project Manager Certification

    There are many schools of thought around successful project management, but few as highly regarded as the Six Sigma and Lean methods. With 37 hours of learning, this training will explain concrete processes for increasing efficiency and limiting wasted time and effort.

    I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
    In this article we will discuss all things related to StageFright bug, the most vulnerable bug of android devices.
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    913 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now