It’s easy enough to plug a couple Windows 10 computers together and call it a network, but real-life networks are seldom so simple, even at home. Networks usually have a mix of operating systems, and Windows often has to be coaxed into getting along with them.
On a real-life LAN with multiple OSs, it’s not enough that computers be capable of coexisting on the same network cable at the same time. They need to actually work with each other, or internetwork, so that users of these various systems can share files and printers. At best, this sharing should occur without anyone even knowing that alternative platforms are involved. Achieving this kind of seamlessness can range from effortless to excruciating.
If you’re shopping for such a network appliance, be very careful to check what format it uses on its disks and what maximum file size it supports. Some devices support a maximum file size of only 4GB, depending on the disk format and internal software used. Such a device might be okay for storing documents and photos, but it will be incapable of storing complete movies and computer backup files, many of which run 6GB in size or more. Other devices use proprietary networking drivers and/or proprietary disk formats. Personally, I’d use only a NAS device that uses standard file access protocols (SMB, NFS, and so on) and a disk format that can be read by Windows or Linux (so, FAT or NTFS, or ext3 or ext4 if you use Linux; and FAT only if you can accept the 4GB file size limit), so that if the hardware box were to die, I could at least put its hard disk into a desktop computer and extract its contents.
If a network appliance isn’t in the cards, you must get your computers to interoperate directly. This chapter shows you how to get computers running Windows, Mac OS X, Unix, and Linux to play together nicely.
Windows 10, 8.1, 8, and 7 have some networking features that weren’t in older versions, and some features have been removed. With respect to internetworking, this list provides a summary of the most significant changes since Windows Vista and XP:
Windows 10, 8.1, 8, and 7 behave differently from previous versions of Windows when Password Protected Sharing is turned off. This topic is discussed later in the section “Password Protection and Simple File Sharing.”
The NetBEUI network protocol is no longer available. This could affect you if your network includes computers running Windows XP or—heaven forbid—earlier versions. We discuss this topic in more detail when we talk about networking with older versions of Windows later in this chapter.
The Link Level Discovery Protocol (LLDP) lets Windows eke out a map of the connections between your computers and the other hardware on your network. The network map feature appears only in Windows 7 and Vista, so you might not care about this. If you do use the map display, or if your organization uses LLDP with third-party network management tools, LLDP support is available for Windows XP via a download and is included in all the more recent versions. It’s also in Server 2003 and later Server editions. Connections to computers running older versions of Windows will not be diagrammed on the network map. Computers running Linux and Mac OS X won’t appear, either, unless you add a third-party program such as Open LLDP (at http://openlldp.sourceforge.net). Some commercial network-mapping applications (such as LANsurveyor at www.solarwinds.com) have a Mac LLDP responder.
Microsoft no longer provides out-of-the-box support for Novell NetWare (a corporate networking system). Novell Corporation has a NetWare client that works on Windows 10, but its installation and use are beyond the scope of this book.
However, although some things change, other things stay the same. You probably won’t be surprised to learn that the Network Browser service (the relatively obscure software component responsible for collecting the list of names of the computers that show up in File Explorer under Network) is still present—and still works only when it feels like it.
In addition to covering internetworking issues, this chapter discusses some of the advanced and optional networking features provided with Windows 10. These features are not needed for “vanilla” Windows networks, but they are used for the more complex networks found in corporate environments.
Windows 10’s file and printer sharing services work quite well with Windows 8.1, 8, 7, Vista, XP, and the various Windows Server versions. All of these OSs were intended from the start to work well with the TCP/IP network protocol favored by modern versions of Windows.
For all practical purposes, Windows 10, 8.1, 8, and Windows 7 networking are virtually identical. There are no compatibility issues to worry about, other than getting the Network Location set correctly (discussed in Chapter 18, “Creating a Windows Network,” in the section “Enabling and Disabling Sharing”).
If your network has computers running versions of Windows older than Windows 7, the differences in OSs can show up in these areas:
Default networking protocols—You might have configured any really old computers to use the NetBIOS or SPX/IPX protocol as the primary networking protocol. Windows 7 through 10 require that you use TCP/IP. And, it’s best if you use only TCP/IP.
LLDP mapping—By default, Windows XP computers did not come with support for LLDP, and without it, these computers will appear as “orphans” on the network map display in Windows 7 and Vista. You can download and install an LLDP add-on for XP if you like.
Password Protected Sharing (Simple File Sharing)—Windows can provide username/password security for shared files and folders. Windows 10, 8.1, 8, 7, Vista, and XP also have a “passwordless” option.
HomeGroup networking—Windows 10, 8.1, 8, and 7 let you join your computers into a homegroup, which simplifies file-sharing security. A homegroup member can still share files and printers with older versions of Windows, but there are some subtleties that we explain in this chapter.
We cover these topics in the following sections.
When freshly installed, Windows XP was set up to use the TCP/IP network protocol for file and printer sharing by default. If your network previously included Windows 95, 98, Me, 2000, or NT computers, you might have changed the network protocols to simplify internetworking with the older operating systems.
Because newer versions of Windows support only TCP/IP, you must make sure that TCP/IP is enabled on your Windows XP computers. Also, Windows networking works much more reliably when every computer on the network has the exact same set of protocols installed. You should ensure that TCP/IP is the only installed network protocol.
Note
If your computer is connected to a corporate network, your network administrator will make all necessary changes for you.
Follow these steps on any computers that run Windows XP:
1. Sign in using a Computer Administrator account.
2. Click Start, Control Panel, Network and Internet Connections; then click the Network Connections icon.
3. Right-click the Local Area Connection icon and select Properties.
4. Look in the list of installed components and make sure that Internet Protocol (TCP/IP) is listed. If not, click Install, select Protocols, click Add, and select Internet Protocol (TCP/IP). If your network uses manually assigned (static) IP addresses, configure the Internet Protocol entry just as you configured your newer computers.
5. Look in the list of installed components for the NWLink IPX/SPX or NetBEUI protocols. Select these entries and click Uninstall.
6. Click OK to close the Local Area Connection Properties dialog box.
7. From the menu in the Network Connections window, select Advanced, Advanced Settings. Select the Adapters and Bindings tab.
8. In the top list, select Local Area Connection. In the lower list, make sure that Internet Protocol (TCP/IP) is checked under both File and Printer Sharing for Microsoft Networks and Client for Microsoft Networks.
9. Click OK to close the dialog box.
After checking all your computers, restart all your computers if you had to make changes on any of them.
On small Windows networks (that is, networks that aren’t managed by a Windows Server computer using the Domain security model), each computer is separately responsible for managing usernames and passwords. Before Windows XP, this made it difficult to securely share files across the network. You had to create accounts for each of your users on every one of your computers, using the same password for each user on each computer.
Windows XP introduced a concept called Simple File Sharing that, when enabled, entirely eliminated security for file sharing. All network access was done in the context of the Guest user account, regardless of the remote user’s actual account name. Essentially, anyone with physical access to your network could access any shared file. This made it much easier for other people in your home and office to get to each other’s files. (And, horrifyingly, everyone on the Internet could also get at your files, until XP Service Pack 2 came out.)
Windows 10, 8.1, 8, 7, and Vista also include Simple File Sharing, although it’s now called Password Protected Sharing. And, because the names are different, the effect of disabling and enabling the feature is reversed on the two newer operating systems. Table 20.1 shows the settings and the results.
You cannot always change this setting. In Windows XP Home Edition, Simple File Sharing is always on and cannot be turned off. So, other computers cannot connect to resources shared by XP Home using individual username/password security. In all other versions of Windows, the feature can be turned on or off, except if the computer is a member of a domain network. In this case, passwords are always required.
Finally, Windows 10, 8.1, 8, and 7 have a twist in the way that security works when Password Protected Sharing is turned off. On Vista and XP, when passwords are not required, all incoming network access uses the Guest account. Thus, anyone on the network can access any file in a shared folder if the file can be accessed by the user account Guest or by the user group Everyone.
But the following happens when a remote user attempts to use a folder or file shared by a Windows 10, 8.1, 8, or 7 computer with Password Protected Sharing turned off:
If the remote user’s account name matches an account in the sharing computer and that account has a password set, that account is used for file access.
If the remote user’s account matches an account in the sharing computer but that account has no password set, the Guest account is used.
If the remote user’s account matches no account in the sharing computer, the Guest account is used.
This change might seem convoluted, but it is actually very useful. First of all, this change was necessary to support the new HomeGroup feature. All homegroup member computers use a special password-protected account named HomeGroupUser$ to access other member computers, and this change lets it work whether Password Protected Sharing is turned on or off. Second, it gives you the option of giving designated users additional access privileges, without requiring you to set up a full-blown security scheme.
We know this discussion has probably given you a headache by now. You probably just want to know how to get at the library of pictures stored on your old computer. In the end, however, deciding how to set things up can be pretty easy, based on how concerned you need to be about security.
To see how to set up your network, decide which of the following three categories best describes your environment:
My computer is part of a corporate domain network.
In this case, accounts and passwords are always required. Your network administrator sets these up. Use the Security tab on any folder that you share to select the users and groups to which you want to grant access.
Ease of use is my priority, and network security is not a great concern.
In this case, turn off Password Protected Sharing on your Windows 10, 8.1, 8, 7, and Vista computers, and enable Simple File Sharing on any Windows XP Professional computers. This way, anyone on the network can access any shared folder.
You must make sure that a firewall is set up to block file and printer sharing access over your Internet connection. Use a connection-sharing router, Windows Firewall, or a third-party firewall program to do this. If you have a wireless network, you must enable WPA2 security so random strangers can’t get in.
Tip
If you change your password on any computer, it’s a good idea to make the same change on every computer where you have an account. This way, you won’t be asked to supply your password whenever you use network resources.
Security is important to me; I want specific control over which individual users can use specific shared files and folders.
In this case, turn on Password Protected Sharing on your Windows 10, 8.1, 8, 7, and Vista computers and disable Simple File Sharing on any XP Professional computers. Do not share sensitive resources from any computer that runs Windows XP Home Edition. (You should get rid of XP entirely because it’s no longer supported by Microsoft and doesn’t get bug and security patches). Do not create a homegroup.
On every computer that does share sensitive folders or printers with the network, you must create an account for every user who needs access to the shared folders or printers. For each user, be sure to create an account with the same name and the same password as on that user’s own computer.
To change the Password Protect Sharing setting on Windows 7 through 10, follow these steps:
1. Sign in as an Administrator.
All these rules about whether a password is required are interpreted by the computer that is sharing a folder or printer. When any version of Windows uses a folder or printer shared by another computer, that other computer sets the rules for requiring a password. For example, XP Home Edition never requires an account or password when someone wants to use its shared folders, but it can still use password-protected shared resources shared by, say, Windows 10 or even a Windows domain server.
2. Right-click the network icon in the desktop’s notification area and select Open Network and Sharing Center, and then select Change Advanced Sharing Settings.
3. Scroll down, open the All Networks section, and scroll to its bottom. The last item is Password Protected Sharing, and you can turn it on or off there.
To change the Password Protected Sharing setting on Windows Vista, follow these steps:
1. Click Start, Control Panel, Set Up File Sharing (under Network and Internet).
2. Click the circular icon with the down arrow to the right of Password Protected Sharing, change the Password Protected Sharing setting, and click Apply. You might need to confirm a user account control prompt. (A better alternative: Upgrade the computer to Windows 7 or 10.)
To change the Simple File Sharing setting on Windows XP Professional, follow these steps:
1. Sign in as a Computer Administrator.
2. Click Start, My Computer.
3. Press and release the Alt key to display the menu. Select Tools, Folder Options, and then select the View tab.
4. Scroll to the bottom of the Advanced Settings list. Simple File Sharing is the last entry in the list. Check or uncheck the entry as desired. Remember that Simple File Sharing on is the same as Password Protected Sharing off.
For more discussion of file-sharing password arrangements, see Chapter 18, “Creating a Windows Network,” and Chapter 33, “Protecting Your Network from Hackers and Snoops.”
If you have two or more Windows 7, 8, 8.1, or Windows 10 computers, you can set up a homegroup (as described in Chapter 18) to simplify sharing libraries, folders, and printers. The HomeGroup system is based on regular Windows file sharing, so computers running other operating systems can also participate in your network.
The easiest way to make XP and Vista fit in with a homegroup is to turn off Password Protected Sharing on all your computers. The instructions for changing this setting were given in the preceding section.
With Password Protected Sharing off, homegroup member computers will connect to each other using the special HomeGroupUser$ account, but all other combinations will use the Guest account. This means you need to make sure that resources are shared so that Everyone can use them. In particular, the file security settings for the shared folder and its contents must be set so that Everyone has read or read and write permission.
To ensure that this happens, use the following procedures when you’re sharing folders on various versions of Windows:
Windows 7, 8, 8.1, and 10—Right-click a folder or library and select Share With, Share with Homegroup (View), or Share with Homegroup (View and Edit). Then right-click it again and select Share With, Specific People. Type or select Everyone in the drop-down list, and then click Add. If you want other users to be able to change the contents of the folder, next to Everyone, click the word Read in the Permissions column and select Read/Write. Click Share to finish.
Windows Vista—Right-click a folder and select Share. Type or select Everyone in the drop-down list, and then click Add. If you want other users to be able to change the contents of the folder, next to Everyone, click the word Reader in the Permissions column and select Contributor. Click Share to finish.
Windows XP Professional or Home Edition—Right-click a folder and select Sharing and Security. Select Sharing This Folder and click Apply. Select the Security tab. Under Group or User Names, if there is an entry for Everyone, select it; otherwise, click Add, type Everyone, press Enter, and select the entry for Everyone. In the lower section (in the Allow column), Read & Execute, List Folder Contents, and Read should be checked. If you would like to let other network users modify the contents of the folder, check Modify. Click OK to finish.
Caution
If you give Everyone permission to change files, you must be sure that your network is well secured. If you have a wireless network, you must have it set up so that it has WPA2 security enabled (that is, so that a password or key is required to use the network). If you connect to the Internet, you must be sure that Windows Firewall or a third-party firewall product is set up to block Windows file sharing. If you don’t secure your network, “Everyone” means “anyone in the world,” and that’s a recipe for disaster.
But if you want to use passwords to grant or deny access to specific users and specific shared folders, you should leave Password Protected Sharing turned on. In this case, you could deal with your Windows Vista and XP computers in two ways:
Set up accounts on every computer using the same account name and password for each person, on each computer. This will give you complete control over who has access to which folders shared by Windows 10, 8.1, 8, 7, Vista, and XP Professional. (Per-user security is not available on folders shared by XP Home.)
Set up a single account that you’ll use for file sharing, perhaps named share, on every computer, with the same password on every computer. Use this account when you set the permissions on shared folders, and use this account when Windows asks for an account and password when you connect to another computer.
If you share your printer, it’s enough just to enable sharing. By default, all versions of Windows enable the Everyone group to print to every installed printer, so anyone on the network should be able to print to any shared printer without needing the security settings to be changed.
The Unix operating system, originally developed in the 1970s at AT&T’s Bell Laboratories as a platform for internal software development and as a “workbench” for programmers, is still evolving and growing. Today, hundreds of millions of people use Unix or Unix-like OSs such as Linux every day, sometimes without even knowing it, on everything from iMacs to Androids, laptops to mainframes, routers to Raspberry Pi, and...well, the list goes on and on.
The following sections look at ways to network Windows 10 with Unix-type OSs. Although many of the examples involve Linux, most of the examples can be translated to almost any Unix-type OS. And because typing “Unix-like” is already getting tiresome, from here on, we sometimes write just “Unix,” but we always mean “Unix and/or Linux and/or Mac OS X.”
OS X, by the way, has most of the networking command-line tools familiar to Unix users. For file sharing, OS X has specific built-in support for working with Windows, as discussed in the next section.
Samba is an open source (free) software suite available on most Unix-like OSs. The Samba server program makes it possible for Unix computers to share folders and printers that Windows users can access, and the Samba client tools let Unix users access folders and printers shared by Windows computers. The names of the Samba programs start with the letters smb
, which stands for Server Message Block. This is the name of the network protocol on which Windows file sharing is based.
Note
You can get more information about Samba and download a version for most Unix systems from www.samba.org. Most Linux distributions include a version of Samba and install it by default. For a good Samba introduction and reference, check out The Official Samba-3 HOWTO and Reference Guide (Prentice Hall, 2006, ISBN 0131882228), also available online at www.samba.org/samba/docs/man/Samba3-HOWTO.
To access file services shared by Windows computers from Unix, you must know exactly what resources are available from a given host on the network. Samba includes a command-line program called smbclient
for just that purpose. This application enables you to list available Windows shares and printers from within Unix. For example, the command smbclient -L //lombok
lists all the folders and printers shared by the computer named lombok
.
When you know the name of the desired shared folder, the smbmount
command enables you to mount the Windows share on the local (Unix) file system. The command
smbmount //lombok/shareddocs /mnt/winshare -U brian
mounts the SharedDocs
folder shared by computer lombok
to the local directory /mnt/winshare
. The -U
switch tells smbclient
what username to use when trying to mount the share. You are prompted for a password.
You also can use a Windows printer from a Unix client, but the procedure is complex and beyond the scope of this chapter. Some Linux distributions include a GUI print configuration tool to simplify the process. In any case, we recommend that you read the SMB How-To at http://en.tldp.org/HOWTO/SMB-HOWTO.html.
Note
If the Windows computer is running Windows 10, 8.1, 8, or 7 with Password Protected Sharing turned off, you can specify any nonexistent account name to gain access using the Guest account. If you specify a valid account name, you will gain access using this account. This differs from previous versions of Windows where, if Password Protected Sharing is turned off, the Guest account is used no matter what. Password Protected Sharing is discussed earlier in the section “Password Protection and Simple File Sharing.”
Samba also includes tools and servers to make your Unix system look like a Windows-based network server; this capability lets your Windows computers use files and printers shared by Unix systems.
The parameters for configuring Samba in a server capacity are contained in the file /etc/smb.conf
on the Unix host. The default file included with Samba has comments for every parameter to explain each one. Configuring the Samba server is beyond the scope of this book; however, we can offer a few pointers:
Some OSs, such as Mac OS X prior to 10.7 Lion, include a GUI tool to configure Samba file sharing. These tools make the job a lot easier.
If you must set up file sharing by hand, read the documentation and FAQs for your Samba version before starting the setup procedure. A good place to start is the previously mentioned site, http://en.tldp.org/HOWTO/SMB-HOWTO.html.
Configure Samba for user-specific passwords with the security
option. You must set up Unix user accounts for each of your Windows users. Alternatively, you can set up a single Unix account that all Windows users will share. Windows users would need to supply the selected username and password when they use Unix shares.
Set encrypt passwords = yes
in smb.conf
. You also must set up a user and password file for Samba’s use, which is usually specified with the smb.conf
entry smb passwd file = /etc/smbpasswd
. Your Samba documentation explains how to do this.
Alternatively, you can use share-level security without a password. This makes Samba behave similarly to a Windows host with Password Protected Sharing turned off. However, in this case, you must take care to prevent SMB access to your Unix computer from the Internet. To be precise, you must be sure that TCP port 445 is blocked.
When you have finished editing the smb.conf
file, you can test to see that the syntax is correct by using the Samba program testparm
. testparm
checks smb.conf
for internal “correctness” before you actually use it in a production environment.
You can configure Samba to offer standard Windows shared printer service. As an alternative, Windows 10 has built-in support to send output to Unix-based printers using the LPR remote printing protocol. You can install a standard Windows printer whose output is directed to a Unix system and can use this printer just as you would any local or networked Windows printer.
For instruction on connecting to an LPR-based printer from Windows, see “Using Unix and LPR Printers,” p. 466.
You can install software on Windows 10 to let Unix users print to any local printers’ shared Windows. This is the receiving end of the LPR protocol, and it’s called Line Printer Daemon (LPD) Print Service.
To install this service on a Windows host, sign in as a Computer Administrator and follow these steps:
1. Press Windows Logo+X and then select Programs and Features, Turn Windows Features On or Off. (Alternatively, press Windows Logo+R, and then type optionalfeatures and press Enter.)
2. Scroll through the list of features and open Print and Document Services.
3. Check LPD Print Service, and then click OK.
The Apple Macintosh is arguably the computer of choice in the music, graphic arts, design, and publishing worlds. Although Macs used to live pretty much in a world apart, it’s common now for both Macs and Windows computers to coexist on the same network.
Microsoft used to provide software to support file sharing for Macs, but it appears to have lost interest in providing this support. Fortunately, Apple stepped up and has provided Windows-compatible networking support as a standard part of OS X since OS X 10.7 (Lion). You can also add Windows networking support to older Mac OS computers. We cover these options in the next several sections. First, though, let’s talk about other issues that come up when Windows and Macs need to work together.
If you share files between Macs and Windows computers on your network, you need to be aware of some compatibility issues.
The first issue arises because Mac files actually consist of two separate parts, called forks:
The data fork, which contains data, document text, program code, and so on
The resource fork, which in applications contains language-specific strings and dialog box layouts for programs, and in documents contains the association information that links a document to the application that created it
The two parts can be read and written to completely independently. It’s as if each Mac file is composed of two bundled but separate files.
Windows also supports this concept. On Windows, the separate parts are called streams rather than forks. But, for reasons unknown, they’re not used for Mac file sharing. When a Mac file is copied to a Windows shared folder, the resource fork data is stored in a separate hidden file. If the Mac file is named special.doc
, the resource data is put into a file named ._special.doc
. It’s invisible unless you enable the display of hidden files in File Explorer.
The problem is that if you move, edit, or rename the main document or application file in Windows, the resource file might be left behind or end up with the wrong name. Then, on the Mac side, the Mac will no longer know what application to use to open the document—and in the case of an application program, the application will not run. Therefore, it’s best not to store Mac applications or documents on Windows shares if they might be renamed or moved.
Mac filenames can have up to 255 characters and can contain any character except the colon (:).
Windows permits filenames up to 256 characters in length but has a longer list of unacceptable characters: the colon (:), backslash (), forward slash (/), question mark (?), asterisk (*
), quotation mark (”), greater-than symbol (>), less-than symbol (<), and pipe symbol (|). Therefore, for files that will be shared, it’s best to avoid all of these characters when you name files on your Mac.
When a Mac application is installed on a shared folder stored on a Windows computer, an “Unable to Open File” error occurs on Macs when more than one Mac user attempts to run the application concurrently.
Mac OS X comes with Windows-compatible networking support built in. This means that Macs running OS X can connect directly to drives and folders shared by Windows computers. You don’t even need to use the command line; the Mac GUI can connect to folders shared by Windows computers as easily as those shared by Macs.
Note
This section shows you how to use Windows shared files from your Mac and how to share files from your Mac for use by Windows. To see how to set up file sharing on Windows, see Chapter 21, “Using a Windows Network.”
On OS X 10.5 and later editions, you can easily browse folders shared by Windows computers—or network file storage devices that use Windows file-sharing protocols—from any Finder window. In the left pane, under Shared, you can select a Windows computer or file-sharing device from the list of detected computers and then browse into its shared folders, as shown in Figure 20.1.
When you select a remote computer, OS X attempts to connect to the computer using your Mac account’s username and password so that it can display a list of available shared folders. If this fails, you can use a different account by clicking the Connect As button that appears in the upper-right corner of the Finder window. We discuss accounts in the next section, “Selecting a Windows Account.”
If you are using OS X 10.4 or earlier, or if the Windows computer does not appear in the list of local computers that the Finder displays under Shared, there is an alternative way to connect. Select the Finder and choose Go, Connect to Server. The dialog box shown in Figure 20.2 appears.
You can enter the UNC name of the shared folder directly, in the format smb://
computername/
sharename, where computername is the name of the Windows computer or its IP address, and sharename is the name of the shared folder. For example, the Public folder on a computer named sulawesi
could be entered as smb://sulawesi/users/public
, or using the computer’s IP address, as something like smb://192.168.0.12/users/public
. Click Connect to proceed.
Tip
If you cannot make the connection work even though you know that the remote computer or storage device is working, try changing the server address field so that it starts with cifs:// instead of smb://. This tells the Mac to use the older SMB1 network protocol instead of the default SMB2 protocol. Some devices have problems with Apple’s implementation of SMB2.
You can click the + button to add the path to the Favorites list. You also can click the Browse button to select from a list of detected Mac and Windows computers.
Whichever connection method you use, when you connect, a login dialog box might appear. If you’re connecting to a Windows 10 computer on a home or small office network, the following applies:
If Password Protected Sharing is enabled, or to access files that are shared only to specified user accounts, choose Connect As Registered User. Enter a username and password that is valid on the Windows computer. (On a home or small office workgroup network, you can ignore the Workgroup or Domain entry, if it appears. Fill in just the Name and Password entries.) You will connect with the file and folder access rights associated with this account.
If you have disabled Password Protected Sharing, select Connect As Guest; alternatively, enter the username Guest with no password. (Actually, you can enter any invalid username, with any password.) This gives you the file and folder access rights granted to Everyone.
In most cases, using Guest access means that you will have access only to the shared folder UsersPublic
, but no other shared folders, unless the person who shared the other folders explicitly granted rights to Everyone. You likely won’t even be able to view the list of users folders inside Users
so that you can get to the Public folder. If you can’t view the contents of the Users
folder, use the Finder’s Go, Connect To Server menu item to directly connect to folder smb://
computername/Users/Public
, as shown in Figure 20.2.
Note
If you are using a Microsoft (online) account with Windows 10, the username for networking is not the email address you use when you sign in. To find the real name of your Windows computer account, press Windows Logo+X and select Command Prompt or Windows PowerShell, whichever appears in the pop-up menu. In the window that opens, you will see something like this: c:usersrian_000>
. The word after users
is your account name (in this example, it’s brian_000
). Use this name when you try to connect from your Mac to a shared Windows folder.
If you are connecting to a Windows computer on a Windows domain network, enter a valid domain username and password. When the Mac has made the network connection, the shared folder is displayed in a Finder window like any other folder.
To disconnect from the network share on OS X 10.5 or later, click the Eject button next to the computer’s name under Shared in the Finder window. On OS X 10.4, drag the shared folder desktop icon to the trash or locate it in the Finder and click the Eject button.
Note
When a Mac user opens a Window share, the Finder creates a file named .DS_Store
and sometimes also one named ._.DS_Store
. These hold Mac desktop information. Windows users should ignore these files, just as Mac users should ignore the file desktop.ini
.
Now, recall the point we made earlier about Mac files having two parts, or forks. If you copy a file from a Mac to a shared Windows folder, Windows might create an extra hidden file to contain the resource information for the file. The resource file’s name will consist of a period and an underscore followed by the name of the main file. Windows users must move and rename these files together; otherwise, Mac users will receive errors when they try to access the files.
If you are using a Mac, to use a printer that is shared by a Windows computer, follow these steps:
1. On the Windows computer, when you share the printer, be sure to use a share name that’s no more than 12 letters long. If you use a longer name, the printer might not appear in the list of printers on the Mac.
2. On the Mac, open System Preferences and select Print & Fax.
3. If the page is locked, click the lock icon and enter an administrator’s credentials.
Click the + button to add a printer.
On OS X 10.4, at the bottom of the Printer Browser dialog box, click More Printers.
4. At the top of the next Printer Browser dialog box, select Windows (on OS X 10.5 and later) or Windows Printing (on OS X 10.4), and underneath, select the appropriate Windows workgroup name. In the computer list, choose the name of the computer that is sharing the printer you want to use.
Note
In our testing we found that there could be delays of up to a couple of minutes between printing a document from the Mac and having the Windows printer start up.
5. In the Connect To dialog box, enter a username and password that is valid on the Windows computer. (See the preceding section, “Selecting a Windows Account.”) If you turned off Password Protected Sharing on the Windows computer, you can select Connect As: Guest (or enter username Guest with no password).
6. Select the desired shared printer in the list. Open the Print Using list (on OS X 10.5 and later) or the Printer Model list (on OS X 10.4), and then select the correct printer manufacturer name and model. Finally, click Add.
This procedure adds the Windows printer to the list of available printers on your Mac.
Mac OS X computers can share folders with Windows computers over the network, thanks to the Windows-compatible software that is installed as part of OS X.
To enable Windows-compatible file sharing on OS X 10.5 (Leopard) or later, follow these steps:
1. Open System Preferences and select Sharing. If the panel is locked, click the lock icon and enter an administrative password.
2. If File Sharing is not checked, check it. Select folders to share, and for each selected folder, choose the user accounts that can access the share. This much is standard for file sharing on the Macs. The next step lets you use these same folders from Windows computers.
Tip
To save yourself a world of pain, create user accounts on your Mac and Windows computers using the same account names (short names, in Mac parlance) and passwords on both types of computers. From the Windows side, you cannot use or even see a list of the folders or printers shared by the Mac unless you are using a Windows account that matches up with one on the Mac and that has been enabled on the Sharing page. If you want to use Microsoft (online) accounts on Windows 10, create local Windows accounts first, using the same account names as you use on your Macs, and then turn those Windows accounts into Microsoft accounts. We discuss this in Chapter 3, “Your First Hour with Windows 10,” in the section “Setting Up User Accounts.”
3. Click Options, and then check Share Files and Folders Using SMB (Windows), as shown in Figure 20.3.
To enable Windows-compatible file sharing on OS X 10.4 (Tiger), follow these steps:
1. Open System Preferences and select Sharing. Check Windows Sharing.
2. Click the Accounts button and check the names of the accounts that you want to permit to be used for Windows Sharing connections.
3. Click Show All and select Accounts.
On Windows, you can use Mac shared folders just as you use folders shared from any Windows computer. Macs appear in the list of available computers in the Network folder, and you can open the shared folders from those icons.
Note
When you open the Network folder icon for a Mac running OS X 10.4, or use the net view
command to view the items shared by a Mac running OS X 10.4, you will see only shared folders and printers that you have permission to use.
You can also specify a Mac shared folder directly by using its UNC pathname. By default, OS X 10.5 shares users’ Public folders, with share names based on each user’s full name. For example, the path to my Public folder might be \
computernamerian knittel's public folder
. OS X 10.4 shares users’ entire home directories by default, using each user’s short name. Therefore, on OS 10.4, my home directory’s UNC path might be \
computernameknittel
.
After enabling Windows Sharing in System Preferences, you can share your Mac’s printer(s) with Windows users by selecting Show All and then clicking Print and Fax. View the Sharing tab, click Share These Printers with Other Computers, and check the printers that you want to make available to others.
To use a printer shared from a Mac on Windows, follow these steps:
1. Set up accounts on both the Mac and on Windows, using the same account name and the same password on both computers.
2. On the Mac, enable SMB File Sharing on the Mac as described in the preceding section, “Using Mac Shared Files on Windows.” Then enable Printer Sharing on the System Preferences Sharing page. Select the printer that you want to use from Windows.
3. Follow the strange procedure described next.
The strange bit is that you must trick Windows into using a PostScript printer driver, no matter what type of printer the Mac is really sharing. The Mac accepts only PostScript printer codes and converts the PostScript to the appropriate codes for its installed printer.
To connect to the Mac printer from Windows, follow these steps:
1. Press Windows Logo+X, select Control Panel, and under Hardware and Sound, select View Devices and Printers, Add a Printer, The Printer That I Want Isn’t Listed. Then click Add a Bluetooth, Wireless or Network Discoverable Printer, and click Next.
2. Wait for the desired Mac printer to appear in the list. Double-click it. If requirements 1 and 2 from the previous list aren’t met, the printer won’t appear.
It also won’t appear if the Mac is on a different subnet than the Windows computer. In this case, click Cancel. Repeat the process but this time select Select a Shared Printer by Name, and then enter the printer share name as \
ipaddresssharename, where ipaddress is the IP address of the Mac and sharename is the name of the Mac printer.
3. When the message “The server for the printer does not have the correct printer driver installed” appears, click OK.
4. In the Manufacturer list, select HP. In the Printers list, if the Mac printer is a color printer, select HP Color LaserJet 2800 Series PS. If the Mac printer is a black-and-white printer, select HP LaserJet 2300 Series PS. Then click OK.
Windows 10 comes with some networking features or services that are not used in most networks but can be essential in others. We don’t cover these features in great detail because your network manager will probably install them for you if they’re used on your LAN.
Table 20.2 describes the optional features. Not every component is available on every version of Windows 10. To enable any of the components, press Windows Logo+X and then select Programs and Features, Turn Windows Features On or Off. Check the box next to each desired feature, and then click OK.
The Reliable Multicast Protocol is installed using a different procedure from that used to install the other services listed in Table 20.2. If required, it can be installed for a specific network adapter using these steps:
1. Press Windows Logo+X and then select Control Panel, View Network Status and Tasks (under Network and Internet), Change Adapter Settings.
2. Right-click a network adapter and select Properties.
3. Click Install. Select Protocol, and then click Add.
4. Select Reliable Multicast Protocol and click OK.
If you have an office LAN, especially one with mixed and matched computers, you probably, like me, have a chart of computer names and IP addresses posted on your wall—not just computers, but routers, firewalls, monitored devices, and all manner of devices. (Who knows? Your next espresso machine might have an Ethernet port on it.)
On a corporate or enterprise LAN, the LAN administrators enter each device into the organization’s domain name service (DNS) so that you can type a command such as ping firewall
instead of needing to type ping firewall.mycompany.com
or, worse, something like ping 192.168.56.102
.
On a home or small office LAN, though, you probably don’t have your own domain name server. The hosts file is the answer to this annoying situation. You can add entries to the file windowssystem32driversetchosts
to associate names with IP addresses for devices that have fixed (static) IP addresses. The Windows domain name lookup software looks first in the hosts file before consulting the network, so you can add entries for your own workgroup’s computers and devices, as long as they have fixed addresses, regardless of OS.
(You can’t use the hosts file for devices that have dynamic addresses assigned by DHCP. Windows, though, can usually figure out the names of other Windows computers, even if they have static addresses.)
The format is simple, but editing it is a bit tricky because it’s a protected file. The hosts file has become a target for adware hackers, who put fake entries in it to hijack your web browser.
To edit it, press Windows Logo+X, select Command Prompt (Admin) or Windows PowerShell (Admin), whichever appears in the pop-up menu, and confirm the User Account Control prompt. Then, when the Command Prompt window opens, type notepad windowssystem32driversetchosts and press Enter.
Add lines to the file, listing IP addresses at the left margin, followed by some whitespace (tabs or spaces), followed by one or more names. You can enter simple names or full domain names. Simple names are assumed to belong to your own domain.
My hosts file looks like this:
127.0.0.1 localhost
192.168.56.1 router
192.168.56.45 macmini
The first entry is the default entry shipped with Windows. localhost
stands for “my own computer” and is used for internal testing of the network software.
I added the second entry myself to give a name to my network’s wireless router. I can now configure the router by typing //router into my web browser, instead of needing to look up at that sheet on the wall and typing a bunch of numbers.
Finally, there’s an entry for my Mac computer, macmini
. This way, I can view its web server’s home page from a web browser using http://macmini
instead of needing to remember its IP address.
This file also serves as a sort of documentation of my network because it records important IP addresses. One thing you must watch out for, though, is that Windows checks this file before using the real DNS system to look up names. If you put a name in your LAN’s (or the Internet’s) DNS system and the computer’s IP address later changes, your hosts file will be incorrect. It’s best to use this file only for machines that are in nobody’s DNS system.
3.133.112.171