marathonman330
asked on
"Access is denied." when trying to access shares on another PC in workgroup
I get the following message when I try to open up another PC in 'View workgroup computers' to connect to a share -
Workgroup name
\\PC1 is not accessibe. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
Access is denied.
I ran the Network Setup Wizard. File and Printer Sharing is on on both PCs. Both PCs are using the Windows Firewall and have an exception for File and Printer Sharing. Both are XP Pro. NetBIOS over TCP/IP is enabled on both PCs. There is network connectivity. I can ping the PC. I can see the PC. I'm trying to connect to a shared printer and install it. Any ideas would be appreciated. Thank you.
Workgroup name
\\PC1 is not accessibe. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
Access is denied.
I ran the Network Setup Wizard. File and Printer Sharing is on on both PCs. Both PCs are using the Windows Firewall and have an exception for File and Printer Sharing. Both are XP Pro. NetBIOS over TCP/IP is enabled on both PCs. There is network connectivity. I can ping the PC. I can see the PC. I'm trying to connect to a shared printer and install it. Any ideas would be appreciated. Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This is a rights issue. You need to have the same user name and password on all machines in a Workgroup. That is the only way this will work.
If you need further help setting up users, please let me know.
Cheers
If you need further help setting up users, please let me know.
Cheers
That is, in fact, a common misconception.
You can certainly use different usernames and passwords in a workgroup.
See the link I posted for details on that... :)
You can certainly use different usernames and passwords in a workgroup.
See the link I posted for details on that... :)
Yes you could do that, but why would you want to give 100% access to your systems? That is a huge security risk.
Um...I'm not sure what you're referring to.
It's more of a 'security risk' to give the same username and password to all systems than it is to use specific credentials per device. It's more of a nuisance maybe, but certainly not a security risk...
It's more of a 'security risk' to give the same username and password to all systems than it is to use specific credentials per device. It's more of a nuisance maybe, but certainly not a security risk...
ASKER
I won't be able to try any of the suggestions until tomorrow but I have setup many workgroups and have always been able to share files and printers without giving a thought to usernames and passwords. Thank you.
By default the network wizard sets you up with simple sharing...this is probably why. One or more of the systems still has this enabled.
Start->Run->secpol.msc
From Security Options - Network Access: Sharing and security model - change that setting to be the same on all devices. It's either classic - users authenticate as themselves or guest - users authenticate as guest (which if you want to share resources, you should disable the guest access anyway, since that can also be a security risk)
Start->Run->secpol.msc
From Security Options - Network Access: Sharing and security model - change that setting to be the same on all devices. It's either classic - users authenticate as themselves or guest - users authenticate as guest (which if you want to share resources, you should disable the guest access anyway, since that can also be a security risk)
Your instructions are flawless and well writen.
My concern is:
* Let Everyone's permissions apply to anonymous users as well:
Click Start->Run->SECPOL.MSC /S <ENTER>
Navigate to Local Policies/Security Options.
Double click "Network Access:Let Everyone permissions apply to anonymous users"
Click Enabled and click OK
* Enabling Guest account may be necessary:
Click Start->Run->Lusrmgr.msc
Open Users
Double click Guest account
Deselect Account is disabled (if selected)
Click OK
1. Allowing anonymous to have everyone permissions? Security risk?
2. Enabling Guest account? Security Risk?
Please correct me if I am wrong.
Cheers
My concern is:
* Let Everyone's permissions apply to anonymous users as well:
Click Start->Run->SECPOL.MSC /S <ENTER>
Navigate to Local Policies/Security Options.
Double click "Network Access:Let Everyone permissions apply to anonymous users"
Click Enabled and click OK
* Enabling Guest account may be necessary:
Click Start->Run->Lusrmgr.msc
Open Users
Double click Guest account
Deselect Account is disabled (if selected)
Click OK
1. Allowing anonymous to have everyone permissions? Security risk?
2. Enabling Guest account? Security Risk?
Please correct me if I am wrong.
Cheers
Presumably it's answered.
As for the other expert's comments on security risks - these instructions are steps to implement in succession. In other words, enabling the guest account would be nearly a last resort. The threat of either of these is certainly dependent upon your situation. Certainly you don't want to give Everyone full control and then allow anonymous users to have that same access level...the assumption there is that Everyone has limited access to begin with (which is the default).
As for the other expert's comments on security risks - these instructions are steps to implement in succession. In other words, enabling the guest account would be nearly a last resort. The threat of either of these is certainly dependent upon your situation. Certainly you don't want to give Everyone full control and then allow anonymous users to have that same access level...the assumption there is that Everyone has limited access to begin with (which is the default).
ASKER