Why is it so difficult to network Vista and XP PCs?

Discussion in 'Windows Vista Networking' started by Pierre KOHLER, Jul 13, 2007.

  1. I have two Dell PCs. A Dimension 9200 Desktop vith Vista Home Premium (Swiss
    German version) and a Latitude D600 notebook with XP SP2 (US english
    version). They are on the same workgroup (MSHOME) connected by a WPA-PSK TKIP
    protected wireless link through a router. On both computers I have opened
    accounts with the same user name and password. The network was ok for some
    time (while the desktop was directly connected with a cable to the router and
    the wireless link was running under WEP from the Latitude notebook to the
    router) but started to make problems when the router had to be moved to
    another room and both PCs were wirelessly connected to the network. By now,
    the Vista desktop can see the XP notebook, read and write files. The XP
    notebook can see that the desktop is there but it is denied authorization to
    access it, use a printer aso. I tried to follow "File and Printer Sharing in
    Windows Vista", even switch off the firewall on Vista, enable NetBIOS over
    TCP/IP, disable IPv6 but nothing seems to do the job.
     
    Pierre KOHLER, Jul 13, 2007
    #1
    1. Advertisements

  2. Pierre KOHLER

    Chuck [MVP] Guest

    Pierre,

    Generally, it isn't difficult at all to network two computers. Sometimes there
    are complications, though, and that's why you see people here asking for help.

    Disabling IPV6 is a good start, as I don't think that Microsoft has IPV6 and
    Windows Networking working together just yet.

    Switching the firewall off is not a good idea. You need to have the firewall
    on, and set the Network Location Type to Private. Access authorisation is
    another issue. Are you using SFS (PPS disabled), or AFS (PPS enabled) on the XP
    computer? PPS enabled or disabled on the Vista computer? These are details
    that you need to know.

    Read my tutorial and see if it helps.
    <http://nitecruzr.blogspot.com/2006/12/windows-xp-and-vista-on-lan-together.html>
    http://nitecruzr.blogspot.com/2006/12/windows-xp-and-vista-on-lan-together.html

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 13, 2007
    #2
    1. Advertisements

  3. Pierre KOHLER

    nsag Guest

    Here is a typical user Vista/ Wireless XP networking issue:
    Explorer can see all computers and exchange files. All permissions are
    correctly set and double checked.
    However say you want to save an Excel spreadsheet you are working on with
    your Vista machine to one of those wireless XP units.
    In your Vista machine you click "save as" and then click on "network"
    Lo and behold, nothing you can do will make those XP sites appear so you can
    save the frigging document.
    However tomorrow it might or might not work like it should.
    The best solution is to get rid of Vista.
    All of your problems will go away and you can get back to work.
    You should not be spending time troubleshooting defective Microsoft
    programming.
     
    nsag, Jul 14, 2007
    #3
  4. Pierre KOHLER

    Chuck [MVP] Guest

    Until Vista comes out in SP1, it will have these bugs. We are Beta testing it.
    And we are documenting it.

    There are dozens of reasons for not being able to "see" other computers in
    Network Neighbourhood (or whatever else cure name is being used at the time).
    Every version of Windows has had these problems, and Windows XP wasn't immune.
    I wrote this for XP owners, several years ago.
    <http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html>
    http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html

    And this year, I wrote this troubleshooting guide for Vista owners.
    <http://nitecruzr.blogspot.com/2006/12/windows-xp-and-vista-on-lan-together.html>
    http://nitecruzr.blogspot.com/2006/12/windows-xp-and-vista-on-lan-together.html

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 14, 2007
    #4
  5. Pierre KOHLER

    Chuck [MVP] Guest

    Until Vista comes out in SP1, it will have these bugs. We are Beta testing it.
    And we are documenting it.

    There are dozens of possible reasons for not being able to "see" other computers
    in Network Neighbourhood (or whatever else cute name is being used at the time).
    Every version of Windows has had these problems, and Windows XP wasn't immune.
    I wrote this for Windows XP owners, several years ago. Windows XP was buggy as
    hell until SP1.
    <http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html>
    http://nitecruzr.blogspot.com/2005/10/irregularities-in-workgroup-visibility.html

    And this year, I wrote this troubleshooting guide for Windows Vista owners.
    <http://nitecruzr.blogspot.com/2006/12/windows-xp-and-vista-on-lan-together.html>
    http://nitecruzr.blogspot.com/2006/12/windows-xp-and-vista-on-lan-together.html

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 14, 2007
    #5
  6. Sir,
    you did a great job telling people all the details of networking Vista and
    XP computers but this is exactly my point: Why is it necessary to go though
    all this jargon when I just want to share a printer and maybe read and write
    a few files in the public folder of the other PC? Can't such simple
    operations be allowed by default so that Mr. Average does NOT have to read
    and understand all of your explanations?
    I am certainly not a bloody beginner but I have other things to do than to
    struggle with those issues and I certainly hope that there will be such
    features and maybe a wizard to do this in Vista pretty soon, otherwise I will
    simply abandon it as nsag suggested.
    Kind regards,
    Pierre KOHLER

     
    Pierre KOHLER, Jul 16, 2007
    #6
  7. Pierre KOHLER

    LoneStar Guest

    Chuck,

    As an outsider on this thread, thanks for a very comprehensive view into
    Vista/XP file & folder sharing. Your nitecruzr blogspots were very good,
    and I read them both to try fixing my Vista/XP file sharing problem. (Note:
    my network is fine, Public Folder can be shared, but none other).

    Anyway, after reading your two web links which apparently can fix any
    Vista/XP sharing problem, I must concede defeat. I guess I'll just use the
    Public Folder on Vista to use for XP file sharing ventures. To be honest,
    your articles were good, but there is No Way I can spend hours trying to
    figure out what you wrote, how to actually apply it to my two computers, and
    trying to read between the lines. My XP and ME shared perfectly -- no
    problems.

    Anyway, thanks for putting out the info, really.

    EW

     
    LoneStar, Jul 16, 2007
    #7
  8. Pierre KOHLER

    Chuck [MVP] Guest

    Pierre,

    Your point is well made. The biggest problem is that networking computers is
    NOT a simple process. I've been working with it for 30 years, and it changes
    constantly.
    <mode=rant>
    Right now, half the complexity in most computers is security software, that
    keeps our computers doing OUR work. Not the work of some asswit sitting in his
    bedroom somewhere else, hawking v1agruh.

    Networking computers isn't simple. Occasionally the boys with smoke and mirrors
    make it look that way, but the smoke dissipates and they are left with broken
    mirrors.

    If you own a car, you learn to drive the car. You don't buy the car, go to
    another store, buy a "repair your car yourself" manual, take it home and rebuild
    the engine. You take it to a fucking mechanic for engine repairs.

    Right now, everybody with a Visa card can go to WalMart (of all places), buy a
    computer, take it home, install it, and then get pissed off because they don't
    know what they are doing and can't be arsed to read a damn manual, or take it to
    an expert.

    Maybe it's time to license computer usage.

    We'll still be here, probably, for those who will work with us. But if you
    don't understand Microsoft products, can't buy a manual, and don't want to read
    the manuals that we write (for free), you're free to find any forum where people
    produce the manuals that suit your fancy.

    I'll repeat my point. Networking computers is not simple - it's hard work. The
    complexity, when applied properly, may make it look simple. That's all. It
    looks simple. It's not at all simple. Regardless of what the merchandisers
    make it look like.</mode>

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 16, 2007
    #8
  9. Pierre KOHLER

    Chuck [MVP] Guest

    Thanks for the feedback, EW.

    My rant to Pierre aside, I'm betting that there's at least one more key setting
    in Windows Vista that I haven't written about, and Microsoft hasn't thought to
    tell us about. The Network and Sharing Center GUI is a wizard (a pretty mini
    app), for setting dozens of individual settings in a database called Local
    Security Policy (in a domain, it's a piece of Active Directory, called
    policies).

    Even listing the policies, much less identifying them with any description,
    isn't done anywhere that I can find. They are supposedly self identifying (ha
    ha). And my suspicion is that you will find YOUR problem buried deep in a
    policy.

    So, as you think more of your problem, drop by here again. We may know more
    next week. Maybe your involvement will help us learn more, and help others too.

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 17, 2007
    #9
  10. Chuck,

    I will mention Active Directory Domains only, as that is what I have done.
    Vista integrates without difficulty. Essentially all that is done is, join
    the Domain, turn on Network Discovery, turn on File Sharing, then actively
    share the folders desired. When creating the shares, assign Domain Groups to
    the share (with desired permissions), and remove Everyone. At that point
    Vista (depending on who is logged in) can see and be seen without
    difficulty. Depending on what other client PCs are on the network, things
    may be different, but with the correct Group Policy settings, Vista can see,
    be seen by, and communicate with everything from other Vista PCs (Home Basic
    and Premium cannot be Domain joined, so I omit those) down to MS-DOS 6.22
    (running a TCP/IP stack).

    John Baker
     
    JRB Associates, Jul 17, 2007
    #10
  11. Pierre KOHLER

    Chuck [MVP] Guest

    John,

    My growing suspicions are that many complaints that folks like Pierre have,
    about how complicated Windows Networking is, would be solved if everybody would
    setup and use a domain. Between standardising local security policy, and
    turning off "Simple" File Sharing, life would be so much simpler.

    Of course, there would be less traffic here and it might get a bit boring. You
    can't have everything.

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 17, 2007
    #11
  12. Pierre KOHLER

    Tom Dacon Guest

    My growing suspicions are that many complaints that folks like Pierre
    I suppose you'd rather spend about a million keystrokes and the next five
    years of your life educating people here on how to set up a domain
    controller, right?

    Tom Dacon
    Dacon Software Consulting
     
    Tom Dacon, Jul 19, 2007
    #12
  13. Pierre KOHLER

    Chuck [MVP] Guest

    In the long run, and if a domain was the only option, I'd bet that a domain
    would be made a bit simpler. And either folks WOULD learn how to do it, or they
    would hire a pro to do it.

    The problem is when they won't hire a pro, want to do it themselves, and don't
    want to spend any time reading about the details. But they WILL spend time
    bitching about it "Why does Microsoft make it so complicated?".

    And I've written about why it's so complicated, and occasionally someone will
    read what I wrote.
    <http://nitecruzr.blogspot.com/2005/07/windows-networking.html>
    http://nitecruzr.blogspot.com/2005/07/windows-networking.html

    And if you spend ANY time here, you'll know that I was being SLIGHTLY facetious.
    But just slightly.

    If you have less than 6 computers, AND one person / computer AND no sharing of
    computers either locally or remotely AND no sharing of passwords, a workgroup is
    a simple choice. If any one of the above conditions doesn't apply, that may or
    may not be true. Workgroup "authentication" isn't scalable. Domains make more
    sense, as the size of the LAN increases.

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 19, 2007
    #13
  14. Chuck,

    Your facetiousness comes through quite clearly :). Since I spend probably
    99% of my time in the business realm, AD domains are what I use, but even
    there I have seen folks have trouble with Vista. I do assist friends and
    family in the workgroup and computer-to-computer scenario, but it is not my
    primary choice. Vista ironically has actually made it more difficult in many
    ways, not easier. In a pure Vista-to-Vista scenario, it is not too bad, but
    almost everyone I know (everyone actually...) has a mix of PCs, going back
    to Windows 95 (the sweet spot is probably 98SE), that they want to connect.
    In the workgroup or computer-to-computer scenario, it can be challenging,
    especially since some folks don't want to have user accounts or passwords,
    and Vista gags with that. That is why I am quite content in the AD domain
    realm. With a few Group Policy settings, everything works with no difficulty
    at all, even older operating systems which predate AD. But that said,
    without support, most folks I know at a personal level would be in an even
    greater abyss with a domain.

    John Baker
     
    JRB Associates, Jul 19, 2007
    #14
  15. Pierre KOHLER

    Chuck [MVP] Guest

    John,

    Frankly, in a business environment, where a standardised platform of hardware
    and software is used, and new computers are bought in bulk, I won't recommend
    Vista just yet. But remember, Windows XP was the same when it was released;
    until SP1 came out, most large LANs were still deploying Windows 2000.
    Screaming about XP, how complex, slow, unstable, it was could be heard
    everywhere.

    The issue of Microsoft, currently publicising sunset dates for XP, makes this
    somewhat more urgent.

    Keeping all of this in perspective, how many people do you see in this forum
    right now, complaining of specific issues networking computers running Vista?
    How many copies of Vista are out there right now (ballpark figure, to the
    nearest 100,000 or so will do). Subtract the first figure from the second,
    please.

    But the historical mix of ancient computers has to end one day. The legendary
    joke:
    "Q: How many Virginians does it take to change a light bulb?
    A: At least 3. One to do the work, the others to remember how great the old one
    was."
    even that is drawing to a close. The great State Of Virginia is rebuilding
    everywhere.

    And so should computer owners. We have to let go of the past, and get rid of
    computers running Windows 95, 98, and yes ME. Or at least stop requiring
    Microsoft to "support" them. Windows simply can't retain backward compatibility
    to every historical edition forever; sometime, computer owners have to roll
    forward, into the present.

    If you can't network your computer running Windows 98 with a computer running
    Windows Vista, because the computer running Windows 98 "locks up", why is that a
    Vista problem? The Windows 98 operating system has limits. Those limits may
    not be seen until you try to exceed them, but they are limits in the Windows 98
    operating system.

    Move forward.

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 19, 2007
    #15
  16. Pierre KOHLER

    Tom Dacon Guest

    And if you spend ANY time here, you'll know that I was being SLIGHTLY
    Oh yeah, I got your point. I was being equally facetious, although perhaps
    it didn't come through.

    Tom
     
    Tom Dacon, Jul 20, 2007
    #16
  17. Get real!

    With domains go server OS licenses, extra boxes, not to mention MSCE
    skills to make everything work. If you have MCSE skills, you could
    prolly make simple peer networking work too, which is what we want.

    Since XP, we've seen attempts to drop pro-IT solutions into
    consumerland. It has never worked, and is not working now.


    I think the answer to the subject Q may have more to do with:
    - retiring dangerous authentication technologies (LM hashes)
    - a long-overdue curbing of hidden admin shares
    - IPv6 over IPv4

    With respect to the last, this may also explain why "some routers
    don't work with Vista" (routers are supposed to be OS-agnostic, so
    that's like saying "some roads don't work with new Ford cars") and why
    MS went to the trouble of providing a useful online tester to see
    whether your router would match Vista's compat/performance needs.

    Teredo Overview

    http://www.microsoft.com/technet/network/ipv6/teredo.mspx

    But then, I'm reading this thread because I want the answer, too :)

    Seriously, the "domain thing" may solve issues with authentication who
    can do what over a LAN, but if the packets aren't flowing due to
    deeper glitches - including the basic first-step of authentication
    that has to work before domains become relevant - it may miss the spot


    Tip Of The Day:
    To disable the 'Tip of the Day' feature...
     
    cquirke (MVP Windows shell/user), Jul 20, 2007
    #17
  18. Hiring a pro to set up a domain may not be enough, if he just walks
    away when done, leaving you without the skills to manage it.
    On My Way... ah, this looks like a great read!

    It looks as if we have the same objectives in terms of "blogging",
    i.e. to create blogs that are also effective as traditional link-rich
    websites, offering timeless top-down navigability - as blogged here:

    http://cquirke.spaces.live.com/blog/cns!C7DAB1E724AB8C23!346.entry

    ("Permalinks Are Your Friends")
    I confess I missed that ;-)
    I draw the line at 11+, being the point beyond which all MS desktop
    OSs have been deliberately prevented from scaling up.

    IOW, if you need a server, then it's time to get serious about your
    networking. You're already obliged to expend significant resources on
    it, either the money for an MS server OS or the study to use a free
    Linux alternative; may as well get some value out of it?

    I see domains as being more about user management than networking per
    se, and if you have no interest in user management, then a powerful
    user managemenmt system may become a risk in itself.

    If folks have no interest in using a rich and risky functionality,
    they won't understand it, set it up properly, keep it patched, monitor
    what it is doing, and maintain it.

    So the benefits of a domain system - e.g. the ability to override
    control over users and workstations from a single point of
    administration, irrespective of LAN or Internet "remoteness" - can
    become a serious risk, if there's no-one at the helm.


    My old approach to small LANs, was:
    - LAN card <- NetBEUI <- F&PS
    - Dial-up <- TCP/IP <- ICS

    By keeping F&PS off TCP/IP, I don't have to worry about whether
    firewall will appropriately scope between LAN and Internet routes when
    passing or blocking F&PS. That's a #1 headache gone, right there, and
    with it I saw a lot less "I had to turn off the firewall" stuff.

    By using NetBEUI for F&PS, I'm harnessing the safety effect of what is
    usually seen as a NetBEUI weakness; that it cannot be routed beyond
    the LAN to other networks via gateways.

    Two things went wrong with this simple arrangement:

    1) Use of same LAN card for Internet and LAN access

    This broke the ability to selectively bind F&PS to LAN card while
    keeping it off the Internet point of access. But this didn't matter,
    until (2) kicked in and stuffed everything up.

    2) XP's useless at anything other than TCP/IP

    Believe me, I tried to get F&PS working on anything other than TCP/IP
    on XP, and it was a total failure, especially in mixed XP and Win9x
    environments. So I was now forced to wave F&PS on the same TCP/IP
    that - due to (1) - also potentially reached the Internet. BAD IDEA.


    MS has an unfortunate tendency to design like this:
    - create an "ultimate" product with everything working everywhere
    - apply band-aids to limit what works where

    MS claims to now "get" the "safe by default" thing, but they haven't,
    really. Yes, things have improved, but the basic idea that consumers
    can be fobbed off with a diluted pro-IT-orientated product persists.

    That's always been a bad idea for consumers, but it didn't matter to
    MS's big enterprise clients (where MS was competing with Linux and
    pre-PC "big iron"). These big clients get massively complex
    infrastructure, along with detailed documentation. Consumers get a
    "wipe and rebuild" OEM disk, if they're lucky.

    But consumers have broadband now, and so they are in a position to
    impact on the enterprise as well. Suddenly it matters that a large %
    of consumer PCs have been overrun by malware, because all that malware
    and spam traffic is gunking up pro-IT networks, not to mention the
    targeted DDoS and cat's-paw hacking attacks made via zombies.

    We complain if it takes months to fix a known code vulnerability, but
    it can take many years to fix a bad design (e.g. HTML email scripts in
    Internet Zone, autorunning macros in MS Office "documents").

    To fix flaws in basic design policy may take forever :-/


    When Occam's Razor meets the Halting Problem,
    the Halting Problem wins
     
    cquirke (MVP Windows shell/user), Jul 21, 2007
    #18
  19. Pierre KOHLER

    Chuck [MVP] Guest

    A real pro, Chris, will document and train, at least for the day to day tasks.

    Depending upon the network you CAN go as high as 15 before you really need a
    file server (and a domain controller becomes easier to justify).
    # X employee works from home, or only on weekends.
    # Y employee only surfs the web.
    # Everybody powers their computer off when not in use.

    Every workgroup is unique. There's no forcing a domain on anybody. I know
    that.

    The OP was complaining about how complicated Windows Networking is. I was
    pointing out why. It's complicated because everybody's needs are different, and
    change periodically.

    And I remember NetBEUI, and how slick it was. And how slick it wasn't. I
    remember Token Ring too. But times have changed - Token Ring is a memory, and
    NetBEUI almost so.

    And Windows 98 needs to be a memory too.

    And I love hosting my web site on Blogger One Button Publishing. Though
    Permalinks are being superceded by Labels (I call them "Topics") which are way
    easier to manage, and make the text look cleaner. Labels (and "New" Blogger)
    have been available for slightly less than a year now.

    Consumer Broadband (I call that the Walmart effect) is running the show. Except
    in large corporations with hardware and software models that don't change,
    there's always something better. And sometimes, it was on sale last night at
    Walmart. %-)

    --
    Cheers,
    Chuck, MS-MVP 2005-2007 [Windows - Networking]
    http://nitecruzr.blogspot.com/
    Paranoia is not a problem, when it's a normal response from experience.
    My email is AT DOT
    actual address pchuck mvps org.
     
    Chuck [MVP], Jul 21, 2007
    #19
  20. Hmm... sounds expensive. Well, it would be expensive to teach me how
    to maintain a domain setup... a lot of small networks still use the
    physical security model, which everyone understands, i.e.
    - if you're at the keyboard, you can do anything
    - if you're not at the keyboard, you can do nothing
    - we physically secure access to the keyboard

    Where the nature of the work is that folks create value on their PCs
    and use the network only for printing, Internet and automated peer
    backups, then combining the physical model with tight control over
    what is shared, can do away with the need for "authentication".

    IOW, assume authentication control will be sloppy, and avoid relying
    on it where it serves no purpose.
    How does that differ from the usual Blogger, as I'm using at...

    http://cquirke.blogspot.com

    ....? I did the conversion to Google sign-in, but haven't digged much
    deeper as yet. I do like multiple labels, though.
    I hope you don't mean they'll be dropping permalinks? They're still
    the best way to link to specific articles from arbitrary places like
    these newsgroups, after all.
    They're nice and flexible, yes, but how do you retro-fit them to old
    content? Permalinks still work there...
    I'm still not sure if I'm on the same rig as you are. Is this the
    production Google blogging platform, or still beta?


    The most accurate diagnostic instrument
    in medicine is the Retrospectoscope
     
    cquirke (MVP Windows shell/user), Jul 21, 2007
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.