Friday 11 November 2011

Sharing files from a Windows 7 box to an XP

Microsoft has created a rather nifty option to share resources in a server-less environment (eg a "home" or just a small office), called HomeGroup sharing. It works in Windows 7 and somehow magically builds on IPv6.

But HomeGroup sharing isn't available on XP, so you'll have to take the traditional road of right-clicking the folder you want to share, choosing Advanced sharing and setting the security bits just right (eg Share security: write for Everybody, full control for Administrators; File security: as tight as you need).

But sometimes that's not enough.

At a client with a mixed machine environment, suddenly they couldn't get to a file share residing on a Windows 7 box when coming from an XP box. I got system error 58 (or was is system error 85?). Windows croaked. I tried firewall settings, tried user rights, tried whether the fact that they'd connected to another file share on another XP box.

While i did a whole bunch of seemingly arbitrary fixing moves, after doing the following, things started happening again.

  • Start the local security policy editor, secpol.msc
  • Go to Local Policies > Security Options
  • Scroll down to Network Security: LAN Manager authentication level
  • Change the setting from "Send NTLMv2 response only" to "Send LM & NTLM - use NTLMv2 session security if negotiated"

The reasoning behind this is that Windows 7 and Vista works on a newer and more secure variant of the Lan Manager protocol than XP. You might get similar problem if connecting from a Linux box or a NAS (which very well may be a Linux box) to a Windows 7. Changing this setting starts the discussion using the older version and switches to the more secure one if the two endpoints can agree on that.

Took me several hours to get this right. I hope this will help you make a swifter fix.