We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Folder Sharing Right Approach

bvmittal asked
Medium Priority
Last Modified: 2012-05-05
We have a network (LAN) of around 100 PCs connceted together under a same WorkGroup . Many times PCs user are required to Share their Folders with their other departmental users . To share Folders earlier we allowed the users to Share Folders using NetBui protocol . But this resulted into following problems :
a) Netwrok Traffic increased very high . While analysing the Network Traffic we found there was huge network traffic for UDP data pacakets .
b) If we run netwatch command on PC then found that many users are connected to the individual desktop
c) It also created Virus related issues . Although we had installed Trend-Micro officescan on the Desktop .

Looking into these we had stopped Folder Sharing .

Kindly guide us that what is the right method for Sharing the folders .As it is very much required to our users .

B Mittal

Watch Question

As you found NetBEUI is very "chatty", changing your default protocol to TCP/IP will improve things immensely!

What Operating systems are the desktops? Do you have a server you can tun on DHCP (automatic IP addressing?) If so, use that (DHCP is easy to confgure, you can ask here). If you don't have a server (I assume you don't since you're a workgroup).

If they can currently hit the Internet go to one PC and hit START...RUN.. type CMD hit <Enter> then type IPCONFIG /ALL and note the DNS server IP address(es) and the default gateway address - the DNS and gateway addresses would be the same for all PC's. You're PC's should be in the same subnet as the default gateway. (for arguments sake we'll say your defaul gateway is current

Change your network protocol to TCP/IP, give each PC a unique IP address (, etc), use a subnet mask of (same for all PC's) and

Sample config:
PC #1
TCP/IP address:
Subnet mask:
Default gateway:

PC #2
TCP/IP address:
Subnet mask:
Default gateway:


Additionally you should have NTFS file systems on these PC's, if they are FAT32 for any reason convert then to NTFS (you can do this w/out losing data). Then set security on each shared folder to only allow specific users access instead of having them wide open.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
With 100 workstations its time for a server technology. There are too many user databases and folder to mantain. I'll try to give you the general guide lines:

1. Install Servers.

You can start with 3 servers. 2 of them can be a PIII with 512 RAM and enough space to run Windows 2000 or Windows 2003, Active Directory, DNS and DHCP. You need 2 to have some redundancy. On this computer you will create users and groups and manage them from this single point.

The 3th one will be your file and print server. It has to be plenty of disk space. A P4, 512MB or 1GB RAM can do the job quite well. On this server, you will copy all useful user files (files that need backup).

2. Join workstations to the domain

Once your server's environment is ready, you can start to join the user's computers to domain. Now, they can be managed from any point of network.

Finally, dont try to manage your network the way you are doing today. You will need a server technology.
rmjustice is right, time for a server or two.

If you go this route the File & Print server should not just be a desktop but a proper server: drives with RAID 5 (hot swappable). Raid 5 allows a drive to die without any data loss/down time.

To save money on hardware/software you can get by with two servers - on as the domain controller / DHCP server the other can be the other domain controller as well as the file/print server, (this would save you the hardware for it and the $500 or so for a Windows 2003 Server license). Of course then you need to set up / have someone set up Active Directory, DNS and DHCP for you but in the long run you will save an immense amount of time as all your shares and files will be in once place for administration and easse of backup.

Also sharing from the server will prevent anyone from accidentlaly sharing their desktop or other unintended share.


Thanks  rmrustice for the nice recommendation .
My problem is that I have never configured Active Directory / DNS /DHCP and File Server . May I request you to please suggest the guideline for doing this else suggest me some good text book to refer please .

B Mittal

You are welcome.

Well, its not such an hard task, but its recommended to have some official Windows classes (Microsoft Official Curriculum). But I'll try to give you the general guidelines:

1. Plan your DNS and DHCP beforehand.

Make sure that your network setup is fine and that your clients can receive automatic IP address with the correct options (which you setup inside DHCP Manager), like Default Gateway, DNS Servers addresses and Domain name (DNS domain name). Make sure yours servers have static IP Addresses (non DHCP).

for DNS, never setup a top level domain, like "mydomain", but choose a regular domain like "mydomain.corp" or "mydomain.com". Create a foward (name to IP) and a reverse zone (ip to name). Enable automatic update of DNS records. From prompt, test your configuration with NSLOOKUP utility.

2. Run DCPROMO at server

Now that your network infrastructure is fine, you can promote your regular server to an Active Directory model. Run DCPROMO from command prompt or Start/Run and follow the wizard. Choose all settings that tell "New". New domain, new forest, new everything. On the domain name, write your DNS domain name "mydomain.com". Complete the wizard and reboot. Now, you have an AD.

4. Create users and groups

On your new AD server, open Active Directory Users and Computers and create users and groups. You can create them on the folder "Users". Later, you'll find another interesting concepts like OUs and so on. But now, do the simple.

4. Join your computers do domain

Log in as a local administrator. Right click "My Computer" and go to the computer identification. Change from a Workgroup to Domain and type your full DNS domain name "mydomain.com". Give the username to your users and let him log on to the new domain. You must change the combo box in the login screen to match your domain name.

5. Copy sensitive data to the server

Now that everything is up and running, start copying user data to the file server and setting up the apropriate permissions to users and groups.

That's the general guidelines. You can look for those terms in google or just come on here and ask up in each step. It you be a pleasure to help.

Best regards.

I realize this was to be general general but don't forget to share the folders you've copied to the server and set permisisons on the shares. When it comes to that let's say you have a C: and D: drive on your server. On the D: drive create a folder called \SHARED   Copy the files/ folders to be shared to the \SHARED folder. While there are many ways to structure your shares, here's an example


Then you can create a login script called LOGIN.BAT (or any name you'd like) and it's contents would be:
@echo off

Then in each Active Diretory user profile make sure you put "LOGIN.BAT" in their PROFILE tab where it says "Login script"

Then each user would have an S: drive (S for shared!) and on that they would see many folders. You would set up permissions on each folder under \SHARED that you want to restrict access to.  For \SHARED itself I would leave the permission open so a user could create a new folder on their S: drive.

Alternately you could share just \ACCOUNTING and have that mapped for the Accounting dept, share \HR and map that just for the HR dept, but if that as the case your directory structure should look like:

D:\SHARED            <------- share this - everyone gets this mapped, i,e. S:
D:\HR                    <------- share this - only HR gets this mapping, i,e. R:  
D:\ACCOUNTING    <-------- share this - only accounting gets this mapping,  i,e. T:

The reason not to keep \HR and \ACCOUNTING under \SHARED is everyone wll see the \HR and \ACCOUNTING folders even if they don't have access to it (you can actally *hide* them but that effort gets complex and tough to troubleshoot later), if it's not under \SHARED then only the mapped departments will even know those folders exist. The reason I have HR and Acccounting examples as different drives you never know if someone might need both R: and T: mapped, so a division president might have R: S: and T: drives, while a mere accountant would have just S: and T:

Another convention I use is having a D:\INSTALL folder and I map users' I: drive (I for Install) so I now have a central installion point to copy installation CD's to it (MS Office, Acrobat Reader, etc). For I: you give users Read Only.

For users' home directories I assign the letter H: (for home). This can be set at each users' Active Directory profile or the login script.

How you initially set up your directory structure and shares will have a huge effect on how much effort it takes to administer the shares later.
Any update on this?
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.