Networking – How to setup 2 PC computers for file sharing with a crossover cable

networking

I have two PC computers and I want to share files between them with a crossover Ethernet cable. I have been playing with different network configurations back and forth but I can't quite get it to work.

Computer 1

OS: Windows XP Pro SP2
Hostname: TOSH
Workgroup: WORKGROUP

Local Area Connection (Internet Protocol 4 properties)

IP: 10.0.0.1
Subnet mask: 255.255.255.0
Default gateway: none
Primary DNS: none
Secondary DNS: none

Computer 2

OS: Windows Vista SP2
Hostname: GIGA
Workgroup: WORKGROUP

Local Area Connection 1 (Internet Protocol 4 properties)

IP: 10.0.0.2
Subnet mask: 255.255.255.0
Default gateway: none
Primary DNS: none
Secondary DNS: none

Wireless Network Connection (Internet Protocol 4 properties)

IP: Obtain automatically (192.168.0.103 is assigned by DHCP)
Subnet mask: NA (255.255.255.0 in effect)
Default gateway: NA (192.168.0.1 is DHCP/gateway)
Primary DNS: Obtain automatically
Secondary DNS: Obtain automatically

So far so good! I can ping them both, it works in both directions. For the demonstration, here are the ping results.

Pinging Computer 1 from Computer 2:

C:\Windows\system32>ping 10.0.0.1

Pinging 10.0.0.1 with 32 bytes of data:
Reply from 10.0.0.1: bytes=32 time=1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128
Reply from 10.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 10.0.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\Windows\system32>

Pinging Computer 2 from Computer 1:

C:\WINDOWS>ping 10.0.0.2

Skickar signaler till 10.0.0.2 med 32 byte data:

Svar från 10.0.0.2: byte=32 tid < 1 ms TTL=128
Svar från 10.0.0.2: byte=32 tid < 1 ms TTL=128
Svar från 10.0.0.2: byte=32 tid=1ms TTL=128
Svar från 10.0.0.2: byte=32 tid < 1 ms TTL=128

Ping-statistik för 10.0.0.2:
    Paket: Skickade = 4, mottagna = 4, Förlorade = 0 (0 %),
Ungefärligt överföringstid i millisekunder:
    Lägsta = 0 ms, Högsta = 1 ms, Medel = 0 ms

C:\WINDOWS>

Sorry about that, the XP computer is localized to Swedish. But it's self-explanatory anyway.

On Vista computer:

Windows Firewall is disabled.
There is no third-party firewall installed.
I can see TOSH computer if I click on Network.
I can view the shares and printers on TOSH.
I can browse Shared Documents folder and read and write files from and to this folder.

On XP computer:

Windows Firewall is disabled.
Kaspersky Internet Security is installed but protection is paused.
I can see GIGA computer if I click on My Network Places.
I can view the shares and printers on GIGA.
I CANNOT browse the Public folder. It results in error.

error

So you can see the error here now. Again, XP is localized to Swedish. For reference, this error message might need a translation.

\Giga\Public is not available. You might not have permission to use
this resource. Ask the server administrator for help.

Access denied.

Why does it work one way but not the other? Does this have anything to do with the IP assignment? One being server, the other being a client?…

And is it possible to access all of files of an entire system disk without any restrictions, as if you were sitting by that computer? Or do you have to make shares for every single folder with files that you want to access on the other computer? Is perhaps FTP a better solution for a broader access of files?

Access on XP:
I'm primarily interested in accessing these paths

C:\Documents and Settings\
C:\Program\

But having access to the entire C: drive on the XP computer would be much nicer.

Access on Vista:
I want to access these paths

C:\Users\
C:\Users\Public\

I would like to access at least the Public folder. But for some reason that's not working…

Using the admin shares

As suggested in the comments, I tried using the admin shares to access the entire disk drive. I did this on both computers but it didn't work on either of them. What happens is I get an authentication dialog box asking for user name and password. But when I type in my user name and password, access is denied. It says I need to check user name and password.

I was using the user name and password of the remote computer… should I use the user name and password of the local computer (the computer I am accessing the other computer from) and maybe even have the same user name on both computers?…

On XP computer

xp1

xp2

xp3

On Vista computer

vista1

vista2

vista3

vista4

vista5

After the first attempt to log in, the "user name" input field becomes greyed out and unavailable. At this point only the password field can be changed. After the second attempt, the user name field becomes not just unavailable but also empty. At this point I have to start all over again from the Run prompt. Is this normal?…

It's different with XP. It doesn't matter how many time I type in the wrong password or how many attempts I make to access the admin share, the dialog stays put. Also, it doesn't show any errors or warnings about use of correct password like it does on Vista. The dialog just flashes and returns when the login fails.

Why is the admin share access not working? Do I have to make some change to the system first? Maybe some registry edit? Or some Group Policy edit?

Creating new share and user accounts

I have created a new share on the Vista computer.

Local path: C:\Share 1
Share name: Share 1
Network path: \\GIGA\Share 1
Group: All
Permissions: read, change

I have given full control to the group All.

share1

I have also created new user accounts (Testuser1) on both XP and Vista computer. I have the following users now.

XP computer users

Descartes (admin account)
Testuser1 (admin account)
Administratör (built-in admin account, enabled)
Gäst (built-in guest account, enabled, not in use)

Vista computer users

Sammy (admin account)
Testuser1 (admin account)
Administratör (built-in admin account, disabled)
Gäst (built-in guest account, enabled, not in use)

If i log in as Sammy on the Vista computer, and if I try to open \10.0.0.1\ then the Network folder opens and shares and resources of the XP computer are shown. I can open \10.0.0.1\Shared Documents, and write and read files. If I try to open \10.0.0.1\c$ I get an error. I am logged in as Descartes on the XP computer when I do this.

While logged in as Descartes on the XP computer and Sammy on the Vista computer, if I try to open \10.0.0.2\ then the My Network Places folder opens and shares and resources of the Vista computer are shown. I cannot open \10.0.0.2\Public, I get an error. Also, if I try to open \10.0.0.2\c$ I get an error.

Now that I have created the new Share 1 on the Vista computer, I tried to open it from the XP computer. When I was logged in as Descartes on the XP computer this didn't work. But when I logged in as the new Testuser1, it worked!

I will try to sum it all up here. Toshi is the XP computer, and GIGA is the Vista computer.

From GIGA to TOSHI (remote)

Sammy@GIGA can read and write to \10.0.0.1\Shared Documents\ with Descartes@TOSH
Sammy@GIGA can read and write to \10.0.0.1\Shared Documents\ with Testuser1@TOSH
Testuser1@GIGA can read and write to \10.0.0.1\Shared Documents\ with Descartes@TOSH
Testuser1@GIGA can read and write to \10.0.0.1\Shared Documents\ with Testuser1@TOSH

From TOSHI to GIGA (remote)

Descartes@TOSH cannot access \10.0.0.2\Public\ with Sammy@GIGA
Descartes@TOSH cannot access \10.0.0.2\Share 1\ with Sammy@GIGA
Descartes@TOSH cannot access \10.0.0.2\Public\ with Testuser1@GIGA
Descartes@TOSH cannot access \10.0.0.2\Share 1\ with Testuser1@GIGA
Testuser1@TOSH cannot access \10.0.0.2\Public\ with Sammy@GIGA
Testuser1@TOSH can read and write to \10.0.0.2\Share 1\ with Sammy@GIGA
Testuser1@TOSH cannot access \10.0.0.2\Public\ with Testuser1@GIGA
Testuser1@TOSH can read and write to \10.0.0.2\Share 1\ with Testuser1@GIGA

When I log in as Testuser1 on the XP (TOSHI) computer, and I try to connect to the Vista (GIGA) computer, I get the authorization dialog box. In that dialog box, I use the same credentials as for the user that's logged on to the Vista computer at the moment. So if Sammy is currently logged in on Vista computer I would use the credentials for Sammy to authorize, and so on. I'm not sure what would happen if I used the credentials for the Testuser1 on Vista (the Vista account). That would result in too many permutations for my brain to handle. I wouldn't be able to know what is what anymore. It's complicated already as it is. 🙂

When I log in as Descartes on the XP computer, and I try to connect to the Vista computer, don't get that authorization dialog box at all. It just jumps right in. I think it logs in automatically as I log in to Windows. It has probably something to do with that account and its configuration. This is the preferred account that I'm logged into when Windows XP loads.

On the side note, how can I close a connection without having to log out of that account? Is there a disconnect option somewhere in the My Network Places folder and the View Workgroup view?

I have only created a single new share on the Vista computer for testing. I have not tried creating a new share on the XP computer and try to access it from the Vista computer. I just assume it will work, because I can already access the Shared Documents folder from the Vista computer. If I can access this one I believe I can access any share on the XP computer from the Vista computer. It's an assumption, but a qualified assumption, given what I already know.

Best Answer

You could simply share out the C: on both machines, set the Share permissions to Everyone > Full Control and the NTFS permissions to Everyone > Full Control and ANONYMOUS LOGON > Full Control

Clearly not secure, but you would be able to read/write files without the complications.

Enabling file sharing and administrative shares on Vista

The first thing you will need in order to access the administrative shares is an administrator account with a password. So let's look at that first.

Creating an administrator account

Click on Start.
Click on Control Panel.
Click on User Accounts and Family Safety.
Click on User Accounts.
Click on Manage another account. If prompted by UAC click Continue. If you already have an administrator account but no password, jump to step 8. If you don't have an administrator account or you want to add a second administrator account then see next step to create one. Note that you must be logged in as an administrator in order to create new administrator accounts.
Click on the link Create a new account.
Type the new user name, select Administrator and click Create Account. The new account will now appear in the list of accounts.
To add a password to an account, click on the account name.
Click on the link Create a password.
Type in a password and click Create password. The account will now appear as "Password protected".
Close the Manage Accounts window. Done!

It's needless to say, as this is a "superuser" site, but I'll say it anyway. If you have created a new administrator account previously, then you will have to log out from the current account and then log in with the new account to use it. If you are already logged in with an administrator account, and you only added a password to it, then you don't need to log out.

Screeniez...

Now that you have that sorted out, you now need to make sure you have file sharing enabled.

Enabling file sharing

Click on Start.
Click on Control Panel.
Click on Network and Internet.
Click on Network and Sharing Center. Under Sharing and Discovery section, make sure that Network discovery, File sharing, and Public folder sharing is turned on. If they are, jump to step 8. If not, see the next step.
Click on the arrow next to Network discovery, select Turn on network discovery and click Apply. If prompted by UAC, click Continue.
Click on the arrow next to File sharing, select Turn on file sharing and click Apply. If prompted by UAC, click Continue.
Click on the arrow next to Public folder sharing, select Turn on sharing so anyone with network access can open, change, and create files. If prompted... you get the point.
Now make sure that Password protected sharing is turned off. If it's on then you must turn it off.
Close the Network and Sharing Center window. Done!

Screeniez...

Now that you have that sorted out, you need to make sure that Windows Firewall is set up properly.

Setting up Windows Firewall

Click on Start.
Click on Control Panel.
Click on Security.
Click on Windows Firewall.
Click on Change settings link. Click Continue if prompted by UAC.
Make sure the firewall is set to On and that Block all incoming connections is NOT checked. If you made any changes, click Apply.
Click on Exceptions tab. Now make sure that Core Networking, File and Printer Sharing, and Network Discovery is checked.
Click OK to save any changes and close the dialog box. Done!

Screeniez...

Now that you got all that sorted out, there is one last thing you need to do. On Windows Vista and later versions of Windows, you need to modify the registry to enable access to the administrative shares.

Enabling access to administrative shares

Click on Start, then click Run. If not available, press Win+R and you will get the Run prompt.
Type regedit and press Enter. Click Continue if prompted by UAC.
Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System and make sure there is a value named LocalAccountTokenFilterPolicy. If it's there, then you might need to change the value data. See step five. If you don't see it, then you need to add it in next step.
From the Edit menu, select New, then DWORD (32-bit) Value and name it LocalAccountTokenFilterPolicy.
Right-click on LocalAccountTokenFilterPolicy and select Modify. As Value data, enter a 1 and click OK.
From the File menu, select Exit to close the Registry Editor. Done!

Screeniez...

That's it! Windows Vista is now ready. Onto Windows XP...

Enabling file sharing and administrative shares on XP

Just like with Windows Vista, in Windows XP you need to...

Have an administrator account.
Have a password for that account.
Have file sharing enabled.
Firewall needs to be set up properly.
Administrative share access needs to be enabled.

The major difference is in the way that administrative shares are enabled. Another difference is in the way that file sharing is enabled. On Windows XP, there is no centralized place in the control panel like the Network and Sharing Center in Vista and above, where you can basically configure everything that has to do with file sharing. Instead, file sharing is configured per network connection. So let's have a look at that.

Creating an administrator account

Click on Start.
Click on Control Panel.
Click on the Switch to Classic View link on the left pane. (If it says "Switch to Category View" then you don't have to do anything.)
Double-click on User Accounts. If you already have an administrator account but no password, jump to step 9. If you don't have an administrator account or you want to add a second administrator account then see next step to create one. Note that you must be logged in as an administrator in order to create new administrator accounts.
Click on the link Create a new account.
Type the new user name and click Next.
Select Computer administrator and click Create Account. The new account will now appear in the list of accounts.
To add a password to an account, click on the account name.
Click on the link Create a password.
Type in a password and click Create Password. The account will now appear as "Password protected".
Close the User Accounts windows. Done!

Screeniez...

Now let's look at enabling file sharing on XP.

Enabling file sharing

Click on Start.
Click on Control Panel. Make sure you're using the Classic View.
Double-click on Network Connections.
Double-click on the Local Area Connection.
Click on Properties.
Make sure that Client for Microsoft Networks, File and Printer Sharing for Microsoft Networks, and Internet Protocol (TCP/IP) is checked.
Click OK to save any changes and then Close to close the dialog boxes. Done!

Screeniez...

Now let's look at setting up the firewall.

Setting up Windows Firewall

Click on Start.
Click on Control Panel. Make sure you're using the Classic View.
Double-click on Windows Firewall.
Under the General tab, make sure the firewall is set to On and that Don't allow exceptions is NOT checked.
Click on the Exceptions tab and make sure that File and Printer Sharing, and UPnP Framework is checked.
Click OK to save any changes and close the dialog box. Done!

Screeniez...

Finally, let's look at how administrative shares are enabled on XP.

Enabling access to administrative shares

Click on Start.
Click on My Computer. Alternatively, press Win+E.
Click on Tools menu and then click Folder Options.
Click on the View tab.
Make sure the option Use simple file sharing is unchecked. If it's checked, then you must uncheck it.
Click OK to save the changes and close the dialog box.

Screeniez...

If you are reading this because you are having trouble accessing the administrative shares on XP, then chances are that it's caused by "Simple File Sharing". As "simple" and innocent as it might seem, it actually puts a spoke in the wheel. Disabling this single option enabled me to access the administrative shares on my XP computer from my Vista computer.

All my other settings were nailed down perfectly, except for this one. I didn't even know, and I wouldn't have expected something like Simple File Sharing to change the security policy on the system so radically. I discovered this by accident, and at first I didn't believe it myself. So I had Windows XP re-installed two times, last time I even made a complete switch to an English version of Windows XP Professional with SP2. It's the same behavior as in my Swedish version, no change. I did a clean install both times.

The only question is... is this a security feature or a bug?...

In either case, that's how you enable access to administrative shares on XP. You just kill off the Simple File Sharing, and if the rest of the settings are done right, then it should work. Some users might find it that not having Simple File Sharing enabled makes sharing files and folders on XP a little more difficult, but it's not really that hard for a "superuser" now, is it? But it's awkward that you must disable a user friendly feature of XP just to get to the more advanced stuff, it's a stupid implementation from Microsoft.

After disabling Simple File Sharing, you will get some new options on the Properties dialog box for the disk you're trying to access remotely. Let's have a look at that.

Verifying that C$ is shared

Click on Start.
Click on My Computer.
Right-click on the system disk C: and click Properties.
Click on the Sharing tab.
Make sure that it's set to Share this folder. Now verify that Share name is set to C$.
Click OK to save any changes and close the dialog box.

Screeniez...

This is what it looks like when Simple File Sharing is enabled.

And this is what it looks like when Simple File Sharing id disabled.

Running the net share command to "verify" that the C$ share is configured is not very helpful. Even if you see it in the list, it doesn't mean anything. It merely suggests that it's installed or configured, but that doesn't necessarily mean that you can actually use it. Not until you disable Simple File Sharing, and you see it appear in the Sharing tab of the Properties dialog box for the disk whose administrative share you want to access.

Here's an example of what it might look like (in XP).

Or in code formatting...

C:\WINDOWS>net share

Share name   Resource                        Remark

-------------------------------------------------------------------------------
ADMIN$       C:\WINDOWS                      Remote Admin
C$           C:\                             Default share
IPC$                                         Remote IPC
The command completed successfully.


C:\WINDOWS>

What you see is not exactly what you will get, not in this case anyway. (Reference to WYSIWYG.)

Troubleshooting

In case you run into those pesky errorz...

Check the cable!
Check IP settings!
Disable any 3rd party firewalls!
Go over the settings again!
Try the Administrator account.
Use the net use command!

Network cable and IP settings

Make sure the network cable is properly seated. Here's an example of error you might see if the connection is broken for some reason, e.g. cable disconnected.

If you have two computers connected directly to each other, as in my case, then you might need a crossover network cable (where wires 3 and 1, and 6 and 2 have been crossed). It's not very likely, but it's worth noting. Any modern NIC from at least year 2000 and onwards should have Auto MDI-X support. This allows you to use straight network cables (non-crossed, i.e. MDI).

Go over your IP settings again, and whenever possible use the automatic DHCP negotiation.

Using Administrator account

You don't actually need to set up a password protected administrator account to use the administrative shares if you don't want to. You might as well use the Administrator account. But don't get confused by this. Because "Administrator" is the actual name of the account, and it's an administrator level account. It's not your regular administrator account. This account comes built-in on both Windows XP and on Vista. Only difference is that it's enabled by default on XP, while it's disabled by default on Vista. So in case of Vista, you will have to enable it first before you can use it. Run lusrmgr.msc from the Run prompt on either XP or Vista and you'll get the "Local Users and Groups" window. From here you can see all the users and groups, and you can check account status, disable or enable accounts, including the Administrator account. You can even enable it temporarily and then disable it later on when no longer needed.

There is also a very neat command you can run to activate the built-in administrator account.

To enable:

net user administrator /active:yes

To disable:

net user administrator /active:no

This is a very useful command, even necessary for those of you poor souls who didn't pay M$ enough money and are now sitting with one of those intentionally limited versions of Windows Vista. Those include the Starter, Home Basic and Home Premium. These versions don't have the "Group Policy Editor" and the "Local Users and Groups".

I'm a sucker too, I payed for the Vista Premium FPP (full product package), full version, but these useful tools were apparently not considered a "premium" so M$ didn't bother including them. They didn't include the 64-bit DVD either, that was an "extra" I had to order separately. You might consider yourself lucky if you are on Vista Professional or Vista Ultimate (or Vista Enterprise) because those have all the tools you will ever need. Hence, the commands above will be useful for the less privileged Windows users (economically and technically speaking). Don't forget to disable the built-in administrator account once you're done with it.

Using the "net use" command

This is another useful command. You can use the net use command to remove timed-out network sessions. Often time when an established connection to a share has not been in use for some time it will become disconnected. Sometimes this can cause errors when you try to use the share again. In this case, you need to flush that out. You can do that by either rebooting the remote computer, or preferably rebooting both the remote and the local computer. But if you don't like rebooting, don't have time for it, can't afford it because of other work being done, or whatever the reason, you can use this command instead.

Here's how it works.

You open up a Command Prompt window (or cmd) and you only issue the bare net use command. It will return all active or in-active network sessions. Here's an example.

C:\Windows\system32>net use
New connections will be remembered.


Status       Local     Remote                    Network

-------------------------------------------------------------------------------
Disconnected           \\tosh\c$                 Microsoft Windows Network
The command completed successfully.


C:\Windows\system32>

You can see here that I'm disconnected from \\tosh\c$ because I am not actively using it right now. If this is causing you problems, then you can safely remove it. Let's do that.

C:\Windows\system32>net use /delete \\tosh\c$
\\tosh\c$ was deleted successfully.


C:\Windows\system32>

You can see here that it's been deleted. You just have to add in the /delete switch followed by the UNC path to the share and hit Enter. So let's see if it's removed now.

C:\Windows\system32>net use
New connections will be remembered.

There are no entries in the list.


C:\Windows\system32>

You can see here that there are no entries now. So it's gone now. Now, when you connect to the share again, you will be prompted for credentials (i.e. user name and password) again. By the way, you can connect to it again by using the Run prompt. Just press Windows key and R and in the Run prompt type in the UNC path to the share, e.g. \\tosh\c$ and hit Enter. Provide the credentials and hit Enter and you should be right where you started. I have done that now already. So let's use the net use command again to check the status.

C:\Windows\system32>net use
New connections will be remembered.


Status       Local     Remote                    Network

-------------------------------------------------------------------------------
OK                     \\tosh\c$                 Microsoft Windows Network
The command completed successfully.


C:\Windows\system32>

So as you can see now, it says "OK". So we are connected and back to business again.

By the way, I should point out that you will probably have to use this command after a failed connection to a Windows XP computer where Simple File Sharing was not disabled when you attempted to connect. What might happen when you try to connect to the XP computer when the Simple File Sharing is still enabled is that you will get connected to stuff like \\tosh\ipc$ (yet fail to connect to c$) and you need to flush that out before you attempt to connect the second time, after disabling Simple File Sharing.

You basically want to start off with a clean window, i.e. without any saved connections. What might happen if you don't flush that old stuff out is that you will get those annoying errors where Windows says you're trying to use the same user name for more than one connection, something along those lines. If you get that type of error then you want to flush out the old saved credentials for old connections, and you do that by using the net use command (as in my example above).

Examples:

Connect to \tosh\ and you're connected to \tosh\ipc$
Connecting to \192.168.120.115\ and you're connected to \192.168.120.115\ipc$
Connect to \tosh\c$ and you're connected to \tosh\c$
Connect to \192.168.120.115\c$ and you're connected to \192.168.120.115\c$

You can be connected to either one of them in order to access the administrative share c$ but you will have to use the correct credentials, otherwise you will have to start all over again, because what you type in the first time is remembered for the duration of the login session. The remedy in that case is to either flush it with the net use command or reboot the system.

Essentially if you connect to \\tosh\ you will get connected to \\tosh\ipc$ and you can browse the most basic shares, like the Shared Documents share (or Public in Vista). But if you had Simple File Sharing disabled before you connected, then you can now go ahead and connect to \\tosh\c$ and it will get you connected to \\tosh\c$. This time you will get into root of C: directly without any prompt for user name and password, because they are remembered now since you are connected to \\tosh\. And because Simple File Sharing was disabled before you started the connection you will get access to it without any errors.

To sum this up...

You can connect to either ipc$ or c$ to access c$
You don't have to connect to c$ explicitly, it is implied when connected to ipc$. Although you will be asked for credentials initially if you are using the Shell/GUI and not the net tool (with net you specify credentials as part of the command).
You can use host names, e.g. "tosh" or its IP address.
UNC paths always start with two back-slashes.

Any questions? Leave them in the comments.

That would be all good folks!

shutdown -t 0

Using the admin shares

Creating new share and user accounts

Best Answer

Related Solutions

Windows 7 – system error 5

Windows – How to enable administrative shares on Vista and XP

Enabling file sharing and administrative shares on Vista

Enabling file sharing and administrative shares on XP

Troubleshooting

Related Question