Folder Sharing Right Approach

Posted on 2006-03-26
Last Modified: 2012-05-05
We have a network (LAN) of around 100 PCs connceted together under a same WorkGroup . Many times PCs user are required to Share their Folders with their other departmental users . To share Folders earlier we allowed the users to Share Folders using NetBui protocol . But this resulted into following problems :
a) Netwrok Traffic increased very high . While analysing the Network Traffic we found there was huge network traffic for UDP data pacakets .
b) If we run netwatch command on PC then found that many users are connected to the individual desktop
c) It also created Virus related issues . Although we had installed Trend-Micro officescan on the Desktop .

Looking into these we had stopped Folder Sharing .

Kindly guide us that what is the right method for Sharing the folders .As it is very much required to our users .

B Mittal

Question by:bvmittal
    LVL 5

    Accepted Solution

    As you found NetBEUI is very "chatty", changing your default protocol to TCP/IP will improve things immensely!

    What Operating systems are the desktops? Do you have a server you can tun on DHCP (automatic IP addressing?) If so, use that (DHCP is easy to confgure, you can ask here). If you don't have a server (I assume you don't since you're a workgroup).

    If they can currently hit the Internet go to one PC and hit START...RUN.. type CMD hit <Enter> then type IPCONFIG /ALL and note the DNS server IP address(es) and the default gateway address - the DNS and gateway addresses would be the same for all PC's. You're PC's should be in the same subnet as the default gateway. (for arguments sake we'll say your defaul gateway is current

    Change your network protocol to TCP/IP, give each PC a unique IP address (, etc), use a subnet mask of (same for all PC's) and

    Sample config:
    PC #1
    TCP/IP address:
    Subnet mask:
    Default gateway:

    PC #2
    TCP/IP address:
    Subnet mask:
    Default gateway:


    Additionally you should have NTFS file systems on these PC's, if they are FAT32 for any reason convert then to NTFS (you can do this w/out losing data). Then set security on each shared folder to only allow specific users access instead of having them wide open.
    LVL 11

    Assisted Solution

    by:Renato Montenegro Rustice
    With 100 workstations its time for a server technology. There are too many user databases and folder to mantain. I'll try to give you the general guide lines:

    1. Install Servers.

    You can start with 3 servers. 2 of them can be a PIII with 512 RAM and enough space to run Windows 2000 or Windows 2003, Active Directory, DNS and DHCP. You need 2 to have some redundancy. On this computer you will create users and groups and manage them from this single point.

    The 3th one will be your file and print server. It has to be plenty of disk space. A P4, 512MB or 1GB RAM can do the job quite well. On this server, you will copy all useful user files (files that need backup).

    2. Join workstations to the domain

    Once your server's environment is ready, you can start to join the user's computers to domain. Now, they can be managed from any point of network.

    Finally, dont try to manage your network the way you are doing today. You will need a server technology.
    LVL 5

    Expert Comment

    rmjustice is right, time for a server or two.

    If you go this route the File & Print server should not just be a desktop but a proper server: drives with RAID 5 (hot swappable). Raid 5 allows a drive to die without any data loss/down time.

    To save money on hardware/software you can get by with two servers - on as the domain controller / DHCP server the other can be the other domain controller as well as the file/print server, (this would save you the hardware for it and the $500 or so for a Windows 2003 Server license). Of course then you need to set up / have someone set up Active Directory, DNS and DHCP for you but in the long run you will save an immense amount of time as all your shares and files will be in once place for administration and easse of backup.

    Also sharing from the server will prevent anyone from accidentlaly sharing their desktop or other unintended share.

    Author Comment

    Thanks  rmrustice for the nice recommendation .
    My problem is that I have never configured Active Directory / DNS /DHCP and File Server . May I request you to please suggest the guideline for doing this else suggest me some good text book to refer please .

    B Mittal
    LVL 11

    Expert Comment

    by:Renato Montenegro Rustice
    You are welcome.

    Well, its not such an hard task, but its recommended to have some official Windows classes (Microsoft Official Curriculum). But I'll try to give you the general guidelines:

    1. Plan your DNS and DHCP beforehand.

    Make sure that your network setup is fine and that your clients can receive automatic IP address with the correct options (which you setup inside DHCP Manager), like Default Gateway, DNS Servers addresses and Domain name (DNS domain name). Make sure yours servers have static IP Addresses (non DHCP).

    for DNS, never setup a top level domain, like "mydomain", but choose a regular domain like "mydomain.corp" or "". Create a foward (name to IP) and a reverse zone (ip to name). Enable automatic update of DNS records. From prompt, test your configuration with NSLOOKUP utility.

    2. Run DCPROMO at server

    Now that your network infrastructure is fine, you can promote your regular server to an Active Directory model. Run DCPROMO from command prompt or Start/Run and follow the wizard. Choose all settings that tell "New". New domain, new forest, new everything. On the domain name, write your DNS domain name "". Complete the wizard and reboot. Now, you have an AD.

    4. Create users and groups

    On your new AD server, open Active Directory Users and Computers and create users and groups. You can create them on the folder "Users". Later, you'll find another interesting concepts like OUs and so on. But now, do the simple.

    4. Join your computers do domain

    Log in as a local administrator. Right click "My Computer" and go to the computer identification. Change from a Workgroup to Domain and type your full DNS domain name "". Give the username to your users and let him log on to the new domain. You must change the combo box in the login screen to match your domain name.

    5. Copy sensitive data to the server

    Now that everything is up and running, start copying user data to the file server and setting up the apropriate permissions to users and groups.

    That's the general guidelines. You can look for those terms in google or just come on here and ask up in each step. It you be a pleasure to help.

    Best regards.

    LVL 5

    Expert Comment

    I realize this was to be general general but don't forget to share the folders you've copied to the server and set permisisons on the shares. When it comes to that let's say you have a C: and D: drive on your server. On the D: drive create a folder called \SHARED   Copy the files/ folders to be shared to the \SHARED folder. While there are many ways to structure your shares, here's an example


    Then you can create a login script called LOGIN.BAT (or any name you'd like) and it's contents would be:
    @echo off
    net use S: \\<SERVERNAME>\SHARED

    Then in each Active Diretory user profile make sure you put "LOGIN.BAT" in their PROFILE tab where it says "Login script"

    Then each user would have an S: drive (S for shared!) and on that they would see many folders. You would set up permissions on each folder under \SHARED that you want to restrict access to.  For \SHARED itself I would leave the permission open so a user could create a new folder on their S: drive.

    Alternately you could share just \ACCOUNTING and have that mapped for the Accounting dept, share \HR and map that just for the HR dept, but if that as the case your directory structure should look like:

    D:\SHARED            <------- share this - everyone gets this mapped, i,e. S:
    D:\HR                    <------- share this - only HR gets this mapping, i,e. R:  
    D:\ACCOUNTING    <-------- share this - only accounting gets this mapping,  i,e. T:

    The reason not to keep \HR and \ACCOUNTING under \SHARED is everyone wll see the \HR and \ACCOUNTING folders even if they don't have access to it (you can actally *hide* them but that effort gets complex and tough to troubleshoot later), if it's not under \SHARED then only the mapped departments will even know those folders exist. The reason I have HR and Acccounting examples as different drives you never know if someone might need both R: and T: mapped, so a division president might have R: S: and T: drives, while a mere accountant would have just S: and T:

    Another convention I use is having a D:\INSTALL folder and I map users' I: drive (I for Install) so I now have a central installion point to copy installation CD's to it (MS Office, Acrobat Reader, etc). For I: you give users Read Only.

    For users' home directories I assign the letter H: (for home). This can be set at each users' Active Directory profile or the login script.

    How you initially set up your directory structure and shares will have a huge effect on how much effort it takes to administer the shares later.
    LVL 5

    Expert Comment

    Any update on this?

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    What is IRC? IRC (Internet Relay Chat) is a form of communication between multiple users. It is available freely to anyone with inernet access. IRC is a great way to communicate with others e.g. There is an IRC channel for Ubuntu Linux, which is fo…
    Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now