The Expert’s Guide To Windows Networking (Part 1)

12/20/2012 9:27:22 AM

Delve into the nuts and bolts of networked sharing with Neil Mohr

Networking has become one of the most essential elements of computing. Forget processors. Forget graphics cards. Forget memory. If you can't get networked at home and onto the internet, we're pretty sure we know what your reaction is going to be. While you can live without 3D graphics and even the cutting edge multi-core processor, try living without your home network for half an hour and you’ll run screaming into the night with the wail of "Wikipedia" trailing after you.

We know you can string together your own home network. A wired network is sheer block-building child's play. A wireless network isn't much more strenuous, largely thanks to WPS reducing the complicated bit to little more than a button press or two. Or if you're like us you might memorise your WPA key, being able to think for ourselves and all.

. A wired network is sheer block-building child's play.

A wired network is sheer block-building child's play.

We're actually here to delve into the murky world of Windows networking and file sharing. We’re not talking the Homegroup system here; Microsoft has done a decent job of making that easy enough to use. We're going to delve into the Windows NT networking system that underpins this and indeed all of Windows file sharing. That's the key here not only does it arm you with the knowledge to twiddle with network shares on Windows 7, but without too many complications, everything from Windows NT, XP Server right through to Vista and Windows 8.

It's a reassuringly complex system, which once you understand the basic elements, is easy to deploy with total control, allowing you to decide who, how and exactly what is shared and accessible over your network. Let's not also forget the ability to limit, monitor and revoke access too. Like we said, Homegroup is fine if you're seeking the basic control. For complete control you want to unleash the full Windows network file sharing goes to all that time and trouble to provide an easy route, should you care to learn the hard way? Frankly because it offers far more flexibility for a little more investment of your time. Besides, once you've nailed the more complex systems, they work with and are the Homegroup system anyway. So you can pick and choose depending on how tiered you want to make your file sharing access.

The truth is that the networking that exists inside all of Microsoft's current products is the same underlying system that was built into Windows NT back in 1993. As you should know, Windows NT became the core of Windows 2000 aka NT v5 and then Windows XP as NT 5.1. The whole Windows range was effectively merged with Windows Vista as NT v6 and onwards. Technically, Windows 8, RT and Server 2012 will all be based on Windows NT v6.2.

This underlying architecture for Windows NT has remained the same then, with security handled through the Security Reference Monitor system, using Access Control Lists and unique Security Identifiers called SIDs to orchestrate this symphony.

Home nuisance

Over the years Microsoft has attempted to simplify the job of managing networked file shares, which in our opinion only helped to confuse the situation. We'll take advantage of some of these interface changes, since they offer shortcuts to sharing folders, but we're going to avoid Homegroup.

Homegroup is a streamlined way of getting file sharing to work over a home network. Similar to wireless networking WPS, it uses a PIN to prove valid authentication between systems. This is great if you can be bothered with difficult to remember 10-digit pins and having to change all those default folders, so you don't share them with every Tom, Dick and Harriet each time you initiate it.

Homegroup is a streamlined way of getting file sharing to work over a home network

Homegroup is a streamlined way of getting file sharing to work over a home network

It's not a bad system but it's still riding on the coat tails of something that's more flexible. We also worry that it hands access to remote systems without any additional credential checking, which is to say once a PC is given access it always has access no matter who's using it. So if PC A used by Bob is given access to PC B, when little Timmy gets on PC A, Timmy's going to be able to access everything on PC B. It also doesn't help that networking issues are painful to diagnose, while the easy-to-use interface elements plug into the traditional networking anyway.

Part of this new system is the somewhat pointless Set Network Location selection. Get to it by selecting ‘Start’ > 'Control Panel' > 'Network and Internet’ > 'Network and sharing' and under 'View your active networks' select the current Home/Work/Public network link. The only reason to select Home network is that it enables Homegroup, while Work network disables Homegroup.

The Public network option is handy as it locks down network access to the system when on an untrusted network. Despite its semi-hidden nature this does present a useful way of turning off the Homegroup, though the additional Homegroup home will stay visible in the Navigation pane till the sun engulfs the earth in its fiery embrace. Thanks Microsoft.

Group hug

With that unpleasantness done away with, we can focus our attention on how the core Windows networked file-sharing works. We're not starting at the beginning, as you were expecting. Instead we're going to look at Windows User Accounts. What on God’s green earth has that got to do with networking? Well, Groups, Users and Login sessions are core to the Windows security system. You're going to be able to enable remote access to systems on three levels.

The first is the Public shared folders that anyone can access. The next is Guest group access. This is for anyone who doesn't have a user account. Finally there's User Account access, which requires that you enter credentials to access shared folders from a remote system.

This complex arrangement ultimately results in a highly flexible one, the small amount of initial user and group set up is easy enough to manage. It enables you to create groups that all have the same access privileges or provide personalised access to files and folders on an individual user basis. This also goes hand in hand with password protection and policy control over the password usage.

Homegroup requires a 10-digit pin every time that it's initiated for file sharing

Homegroup requires a 10-digit pin every time that it's initiated for file sharing

On a basic level users can be created and managed via the standard User Accounts Control Panel and if you want it, it's easy to enable the Guest Account access level here too. However, we find the best method is to do this via the Computer Management console. Access this by either typing compmgmt.msc into the Run dialog or else right-click 'Computer' - the desktop icon or Start Menu entry - select 'Manage' and select the 'Local Users and Groups' section.

It’s also worth mentioning at this point the Shared Folders section that lives, handily, just above Local Users and Groups. As you create file and folder shares these will become listed under the Shares section. This makes the Computer Management Console a good way to manage most aspects of networked file sharing from one place. Over time, if you're sharing a good number of folders, it can become confusing as to exactly what you’ve shared and with who.

The Shares section offers a list of everything shared in one place and with all the controls you need. Right-click the share you’re interested in and you can immediately stop sharing or choose 'Properties' to adjust the sharing options.

This Users Properties dialog enables you to limit the number of users that can have active sessions. For the most part this won't be of use for home users, but there are times when this could be useful, if bandwidth is an issue or you have a high number of users for some reason. The Share Permissions tab is also useful for easily changing the access permissions for groups and users. It's unlikely you'll need to delve into the Security tab, but this does offer more detailed control over what users can do within shares.

Most View
Windows Server 2012 MMC Administration (part 9) - Designing custom taskpads for the MMC - Creating and managing taskpads
SteelSeries Siberia V2 Full Size Headset - The Suspension!
Adobe Photoshop Touch - Get Photoshop On Your Phone
Windows Server 2008 and Windows Vista : Using .adm Template Language (part 1) - Structure of an .adm Template
IT Asset Management: What ITAM Is & How It Relates To Your Business
Digitize Music, Video And Photos For Free (Part 2)
Protecting Me
SQL Server 2005 Native XML Web Services : Example Native XML Web Services Project (part 3) - Creating the Client Application
Sony NEX-6 – The Best Compact Camera
Dell Insporon 14R 5421 Touch - Touchscreen Laptop With Durable Battery (Part 2)
Top 10
Sharepoint 2013 : Introducing jQuery for SharePoint developers (part 2) - Understanding jQuery methods,Understanding jQuery event handling
Sharepoint 2013 : Introducing jQuery for SharePoint developers (part 1) - Referencing jQuery, Understanding the global function, Understanding selector syntax
Sharepoint 2013 : Introducing JavaScript for SharePoint developers (part 3) - Creating custom libraries
Sharepoint 2013 : Introducing JavaScript for SharePoint developers (part 2) - Understanding JavaScript functions, Understanding JavaScript closures, Understanding JavaScript prototypes
Sharepoint 2013 : Introducing JavaScript for SharePoint developers (part 1) - Understanding JavaScript namespaces, Understanding JavaScript variables
Windows 7 : Programming Multiple I/O Queues and Programming I/O - WatchDog Timer: Self-Managed I/O
Windows 7 : Programming Multiple I/O Queues and Programming I/O - Reading and Writing the Registry
Windows 7 : Programming Multiple I/O Queues and Programming I/O - Retrieving Requests from a Manual Queue
Windows 7 : Programming Multiple I/O Queues and Programming I/O - Handling Requests from a Parallel Queue
Windows 7 : Programming Multiple I/O Queues and Programming I/O - Creating and Configuring the Queues (part 2)