file and printer sharing with non-domain members

Discussion in 'Windows Small Business Server' started by Paul Pedersen, Apr 18, 2006.

  1. Is it possible to share files and printers with networked computers that are
    not and will not be in the domain? For instance, Windows XP Home machines,
    or users who will not have a domain account, guests.

    If so, how?
     
    Paul Pedersen, Apr 18, 2006
    #1
    1. Advertisements

  2. One of the biggest differences for networking features between Windows XP
    Professional and Windows XP Home Edition is the lack of domain membership
    support in Home Edition.

    A Windows XP Professional computer can join a domain and function as a
    domain member. Domain membership extends the benefits of distributed
    security to the Windows XP desktop, enabling users to easily access domain
    resources. It also lets the user share resources with other users and
    authenticate those users against the domain rather than require individual
    accounts on the local computer.

    By contrast, computers running XP Home Edition cannot be domain members,
    although they can access resources on a domain member in the same way
    workgroup members running other Windows platforms can access domain
    resources. They can connect to and use network file and printer shares,
    provided they have a valid account in the domain.

    Therefore, you need to set up user accounts on the SBS, and allow them
    access to the resources (files, folders, printers, etc.). When a user tries
    to access a resource, he is going to have to authenticate (prove who he is).
    With XP Pro, the user is authenticated at logon, and these credentials are
    all he needs. With XP home, the user may get repeatedly prompted for
    credentials, but so long as he provides a username and password for an
    account with access to the resource, it should be availalbe.

    Windows XP Professional defaults to using Kerberos for authentication.
    Kerberos offers the ability to reuse authentication credentials, providing
    single-sign-on capability. Although Home Edition provides password caching
    just like other Windows platforms (although it’s more secure), it doesn’t
    offer the same level of single-sign-on support provided by Windows XP
    Professional.

    SBS uses group policy extensively for user and computer account
    configuration, including important security configurations. One of the
    biggest drawbacks to the lack of domain support in Home Edition is the
    corresponding lack of support for group policies. You can configure local
    policies on a Home Edition computer, but the computer naturally can’t obtain
    group policies during domain logon because it can’t be a domain member. This
    means you can’t apply change control or restrictions, perform folder
    redirection, or accomplish any of the other feats of magic made possible by
    group policies, and configured by default in SBS.


    --
    Les Connor [SBS Community Member - SBS MVP]
    -----------------------------------------------------------
    SBS Rocks !
    ----------------------
    "Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
    understand." - Confucius


    You mean, create a Guest account on the XP Home computer?

    What happens now is, if I'm on the XP Home computer and click on the server
    in Windows Explorer, I get "<server name> is not accessible. You might not
    have permission..."

    If I try to add the server's printer, it does not show up in the list of
    printers, although the server can be seen.



    Sure. share the files and printer, and assign permissions to everyone. You
    may need to enable guest account or create the username on the local
    computer (XP Home).

    Bob Lin, MS-MVP, MCSE & CNE
    Networking, Internet, Routing, VPN Troubleshooting on
    http://www.ChicagoTech.net
    How to Setup Windows, Network, VPN & Remote Access on
    http://www.HowToNetworking.com
    Is it possible to share files and printers with networked computers that are
    not and will not be in the domain? For instance, Windows XP Home machines,
    or users who will not have a domain account, guests.

    If so, how?
     
    Les Connor [SBS Community Member - SBS MVP], Apr 19, 2006
    #2
    1. Advertisements

  3. Thank you.

    Does not setting Print access to Everyone (on the printer sharing tab)
    accomplish this? I thought Everyone meant "everyone who is connected to the
    network". Is that a mistaken assumption?


    The XP Home computers have multiple user accounts. In order for all of the
    users to be able to use a printer shared by SBS, do I have to create an
    account for every one of them?

    What about guests, whose connection to the network may be temporary? Can
    they use the printer?

    Can I simply let guests and XP Home users access server resources through
    the Guest account? How?

    (BTW, I intend to limit access to certain server resources more specifically
    through more complex permissions. Eventually, not now.)


    Sounds like a lot to learn... Folder redirection, for instance. I've never
    heard that one before.

    I have a new SBS book (SBS Unleashed, by Neale). I'd better get cracking on
    it. In my free time, ha ha.
     
    Paul Pedersen, Apr 19, 2006
    #3
  4. I'll try and answer, but please understand that I've not ever tried to use
    xphome on an SBS network.

    I do however use xp pro laptops that do not belong to a domain. This is
    accomplished by joining the laptop to a workgroup with the same name as the
    netbios domain name, and having a user account on the computer with the same
    username and password as the corresponding domain user account. A user
    account on the SBS is imperative - permissions are controlled by access
    control lists, and a domain user account is fundamental to this.

    If xp pro is out of the question, then join the workstations to a workgroup
    with the same name as the domain.
    Create user accounts for each and every user on the SBS.
    Create user accounts for each person, on each worstation they will use -
    these usernames and passwords must match the domain account.
    Pay attention to how many devices (computers) and users that will connect to
    the SBS. Count them, whichever is the lower number is the amount and type of
    CALs you require. A single workstation (with a device cal assigned) can be
    shared by any number of persons. A single person with a User CAL assigned
    can use any number of devices to log onto the SBS.

    "everyone" means every domain account, and doesn't extend to the universe at
    large ;-).

    guest is not something I have played with; it's used in xphome but is
    seriously not something you want enabled on your domain.
     
    Les Connor [SBS Community Member - SBS MVP], Apr 19, 2006
    #4
  5. BTW, have you been to techsoup to see what xppro upgrades cost? They're
    $8.00 each.
     
    Les Connor [SBS Community Member - SBS MVP], Apr 19, 2006
    #5
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.