Hi.

I have a friend who has a home network, which is a real mess.
It consists of about 6 different workgroup names, and about 50 shared folders across all workgroups - most of which don't exist anymore - as he tried to correct a network problem himself(and made matters worse).

There are 5 computers on the network - all are cabled back to an ADSL router.

Each one has static IP addresses xxx.xxx.xxx.101 - xxx.xxx.xxx.105

Each one can ping the other.

Each one can access broadband via the router/gateway.

Each one has it's C: drive shared.

NONE of them can see each other under My Network Places.

NONE of them can see the shared C: drives on the others.(even though all machines have their C: drives shared on the same workgroup)

What I would like, is a method to TOTALLY DELETE ANY AND ALL network connections, workgroups, shared resources etc, so that each machine is then "Clean" from all the experiments, so that I can then start to setup the network again from the beginning.

I have tried to delete old workgroups that are not used, but XP moans: "Cannot delete XXX workgroup - access is denied."
I have tried to delete old shared resources(folders), but they re-appear about 10 minutes later - what's up with that?!?!!??(rhetorical)

Also, we created a new workgroup called NLYMAH, and this was accepted and completed using NETWORK SETUP WIZARD, on four of the five machines, but the 5th one says "Invalid workgroup name." when we enter NYLMAH, even though the other four accepted it - what's up with that???!??!??!!!(rhetorical)

I need a way, to return each and every one of these machines, to the state they would be in after a clean-install of XP, so I can start to reset all the connections manually.

Knowledge of the OSes involved may be important and whether any/all are configured for standalone or domain logon.

Vista doesnt like the root partition to be shared as just one example.

Personally I would remove all items from the Network's Properties and reboot. Then add back Client for Microsoft Networks, File and Printer Sharing and TCP/IP.

The networking gurus may well have differing approaches.

When one can ping and not see it hints strongly of firewall intervention somewhere. I would always disconnect the router from its uplink and disable all and every firewall till you get the LAN functional.

A shared folder, AFAIK, is just a shared folder and not stuck with any particular workgroup, which is just a method of collating multiple "standalone" PCs on a LAN.

As far as Workgroup NYLMAH is concerned on the one aberrant PC. Can you give it another Workgroup Name and then try NYLMAH again?

Also - if just one PC on the LAN is malconfigured or has faulty networking hardware it can screw the whole thing up.

Knowledge of the OSes involved may be important and whether any/all are configured for standalone or domain logon.

ALL machines are XP - three are XP HOME, and two are XP PRO.
Four of the five machines have sp2, but the last one(an XP Pro machine), does not even have sp1 - it is the original Pro release. This is one machine we are having lots of problems with.

I AM GOING TO UPDATE IT TO SP2 TODAY.
I only discovered this after I posted last night(my time).


Vista doesnt like the root partition to be shared as just one example.

No Vista machines at all.
Useful info though - I will remember that for Vista setups...
:)

Personally I would remove all items from the Network's Properties and reboot. Then add back Client for Microsoft Networks, File and Printer Sharing and TCP/IP.

Cool - will try that.
:)

Will deleting these items from Network Properties, also obliterate the old network settings, shares etc, or do I have to hunt them down manually?

When one can ping and not see it hints strongly of firewall intervention somewhere. I would always disconnect the router from its uplink and disable all and every firewall till you get the LAN functional.

I think so to, but he has no firewall software on any of the machines - checked, BUT I forgot about the router's inbuilt firewall - this may well be the cause - thanks - good idea. The router is a D-Link wireless and wired router(it does both), but I think it does have built in firewall abilities.

Personally, I don't like D-Link modems or routers, as they can be a pain to setup with more then one machine on them.

I will take a different brand switch over there, and unplug the D-Link totally, just to see if we can get the LAN working, as you suggest.

A shared folder, AFAIK, is just a shared folder and not stuck with any particular workgroup, which is just a method of collating multiple "standalone" PCs on a LAN.

OK - I always thought they were shared only within the same workgroup.
Handy to know...
:)


As far as Workgroup NYLMAH is concerned on the one aberrant PC. Can you give it another Workgroup Name and then try NYLMAH again?

Also - if just one PC on the LAN is malconfigured or has faulty networking hardware it can screw the whole thing up.

Sure, I can try that - will let you know.

For the machine that has the original Pro release...be prepared to clean out a bunch of crap, if it has ever been connected to the internet. The OR was a malware magnet.

Will deleting these items from Network Properties, also obliterate the old network settings, shares etc, or do I have to hunt them down manually?
There are at least two levels of "configuration" when it comes to networking. One is to configure the (presumed to be in good working order) hardware and, for most networks, any particular LAN interface's TCP/IP protocol. The other is to configure and identify the computers and shares on the network.

I am far from an expert in these areas but have learned quite a lot "the hard way" nonetheless.

A couple of general points are that "Network Settings" are often very tardy and they also have "longish memories". In other words they are not instantaneous as when normally accessing ones own file system and they appear to still have access to currently non-existing shares and workgroups quite long after they have been changed or otherwise made inaccessible - and even following a reboot! When "significant changes" have been made I have found that one may need to reboot all PCs on the LAN and then wait for up to 15 or 30 mins (and maybe more) for everything on the network to "bed down".

One "trick" however is that instead of waiting for Network Places etc to establish/re-establish the settings and particularly when you can ping an IP address is to either search for the computer you want to find on the network by name or else to just enter its name preceded by a double back-slash such as \\missingpc or whatever in the address bar of My Computer; entering //missingpc by mistake would attempt to access any web server on that PC. This can often "find" a PC not identified otherwise in the My Computer or My Network Places trees. The latter is particularly "persistent" in that shares once established will remain there till deleted locally even if they no long exist anywhere; they sit there in the hope the share will return someday; they are not essentially dynamic. Any conflicts with names or IP addresses or ... can always screw everything up. So start with just two PCs and build up from there. Also I find it best to leave all the identification on auto/default settings unless there is a specific reason to specify anything.

PS Don't forget the Windows own Firewall. It seldom interferes in these areas but its certainly not impossible. Running ipconfig /all from a command prompt can also often be very revealing.

A couple things you can try -

First make sure you are an administrator. If you are not a an admin when you try to delete shares it may cause problems.

At the commend prompt type arp -d

That will delete the arp table on that machine, then try to delete shares in network places.

You can either manually reset the TCP/IP stack (http://support.microsoft.com/kb/299357) to original settings using the netsh utility at the cmd prompt, or you can download the MS tool to do it for you. Both ways are in the link.

Even just running ipconfig /renew may help.

Not sure if any of that will help, but it may. I am rusty on my network stuff. :p

There are some basic misconceptions here. In a workgroup, what is available to share is dictated by what is shared on each machine. The basic flaw in thinking is what is broadcast to all machines in the same network range. A workgroup is an identifier. Whether you can access the workgroup shares is based on permissions. If you use Simple File Sharing everything is accessible ok? No authentication is used. You may have a firewall or Guest access blocked but that is a seprate issue.

Arp is a list of IP addresses to MAC or physical addresses. ARP is a broadcast it does not in and of itself have anything to do with File Sharing. Any machines sharing the same network range, which is dictated by the subnet mask, can get these broadcast packets. File and Print sharing broadcasts happen about every 15 minutes. Removing File and Print sharing from the interface should remove the broadcasts but the shares may still be cached locally.

The basic thinking should be the network is dictated by the IP address and subnet mask. From this springs all things. Broadcast packets are received by everyone on the same subnet. What you can access is dictated by the type of authentication mechanism used by the individual pc's with file shares. What you see via a broadcast and what you can access are two different things. Each PC will cache or "remember" what shares it has indentified in the past. Removing File and Print sharing or blocking the broadcast via a firewall stops the receiving the broadcast of shares and stops the PC's you disabled File and Print sharing on from broadcasting its shares.

Good stuff Variable.

arp -d just gets rid of the table of previously received broadcasts from other machines? But doesn't actually remove the cache of previously accessed shares? I wasn't sure it would, just seen the correlation of the cached shares and the arp table and thought it was worth a try.

The arp table is just a map of IP/MAC of those broadcasting on the network?

So turning off file and print sharing will get rid of the cache? That's too simple. :p

I uses to know more about this stuff, but my current position doesn't require me to use it very often. And you know what they say, use it or...

The following comments relate to a WinXP network with mixed home and pro versions.

There are some basic misconceptions here.I agree about shares and workgroups and have already alluded to this. There is a very common misconception all over the place that an XP network will only be able to see computers on the same workgroup. Not so. Shares are dedicated to a PC and a PC is dedicated to a workgroup. All workgroups should be visible from the PCs on the LAN - and hence all network shares on those PCs. I also agree that visibility and accessibility are two different things. The fundamental problem with the OP here is to do with visibility.

I think there are other obfuscations regularly created when talking about Simple File Sharing and Guest Accounts. These two areas impact mainly on the local users set up on any particular PC and hardly impact on network access unless one is using XP Pro, is using NTFS, has simple file sharing disabled and has gone to the trouble of specifying that certain users or groups have specific permissions for any folders. If such folders have such permissions set then they will affect local users and network users alike - but only from an access and not from a visibility point of view. Only folders given network shares will be visible on a microsoft file sharing network - regardless of who can access them.

If you turn off the Windows Firewall as well as all other firewalls, wait a decent period after a clean reboot and can ping all the relevant IP addresses and still have visibility problems I would still suspect faulty hardware or else conflicts such as duplicated computer names or IP addresses or other network malconfiguration or malware.

The arp table is just a map of IP/MAC of those broadcasting on the network?

So turning off file and print sharing will get rid of the cache? That's too simple

No not really, I will explain it a bit.

When one machine wants to talk to another machine using IP it will send out a broadcast to the broadcast address 255.255.255.255. This means it is not directed to one IP but is directed to whomever is listening. This is important because in a switched network, i.e. a bunch of devices plugged in to a switch, this broadcast goes to all ports.

If your machine wants to communicate with 192.168.1.100 and it has never talked to it before it will broadcast out " who is 192.168.1.100." If this IP is being used by another device on the same network, whether it is a PC, printer or whatever, that device will say " I am 192.168.1.100 and here is my MAC address" the PC's talking to each other now have an ARP entry for each other. A switch also listens to these and keeps a table of them. A switch uses MAC addresses to know where to send the packets. A router doesn't use MAC addresses it only uses IP. Broadcasts do not pass through a router from one network to another.

In the above scenario, if PC1 never tried to talk to PC2 it would never have an ARP entry. If you ping an IP address it will generate and ARP entry.

Usually ARP is invisible. ARP can cause you problems when you change the IP address on a device. Other than that it is not normally a problem.
Disabling File and Print sharing has no impact on ARP at all. They are different things.


you turn off the Windows Firewall as well as all other firewalls, wait a decent period after a clean reboot and can ping all the relevant IP addresses and still have visibility problems I would still suspect faulty hardware or else conflicts such as duplicated computer names or IP addresses or other network malconfiguration or malware.

File and Print sharing works over certain UDP and TCP ports. What ports are used depends on the OS. Which ports are blocked can cause different issues. If you can ping the IP address, faulty hardware is not a cause of File and Print sharing failure. There are several services and ports that are responsible for all the things related to what people think of when you say "File and Print sharing."

Each Workgroup/domain will have a Master Browser. If you have multiple workgroups on a small home LAN it will only slow down viewing shares and increase issues with what shows up and when things are removed.

I think there are other obfuscations regularly created when talking about Simple File Sharing and Guest Accounts. These two areas impact mainly on the local users set up on any particular PC and hardly impact on network access unless one is using XP Pro

Simple File and Print sharing was introduced with XP. XP Home can ONLY uses SFS. XP Pro can use File Sharing or Simple File Sharing. There is no network file security with Simple File Sharing. It was created so that Home computer users with no networking knoweldge can share files between computers on their home network. Simple File and Print sharing is only related to security. It does not have anything to do with network shares, how things are shared or what shares you can see.

There are some basic misconceptions here. In a workgroup, what is available to share is dictated by what is shared on each machine. The basic flaw in thinking is what is broadcast to all machines in the same network range. A workgroup is an identifier. Whether you can access the workgroup shares is based on permissions. If you use Simple File Sharing everything is accessible ok? No authentication is used. You may have a firewall or Guest access blocked but that is a seprate issue.


...and Paul Komski said:

I agree about shares and workgroups and have already alluded to this. There is a very common misconception all over the place that an XP network will only be able to see computers on the same workgroup. Not so. Shares are dedicated to a PC and a PC is dedicated to a workgroup. All workgroups should be visible from the PCs on the LAN - and hence all network shares on those PCs.

So let me clarify my understanding(or misunderstanding!) here:

Assume two workgroups "ONE" and "TWO".
Shared folders on "ONE" will be visible and accessible on computers setup as part of the "TWO" workgroup?

I always thought that the whole idea of workgroups, was so that you could share files and resources between other computers who are also members of that same workgroup - any computers from other workgroups on the same PHYSICAL network cable, cannot see shared resources from other workgroups.

It would seem I am wrong, if this is NOT the case, but if I am wrong, what is the point of even having workgroup names, if essentially, all machines can see shared resources from any other machine or workgroup provided they are shared?

To me, that defeats the point of having workgroups at all.
:confused:

...a little confused now...
:(

Could one of the network gurus help me to understand this?

any computers from other workgroups on the same PHYSICAL network cable, cannot see shared resources from other workgroups.
I was under this impression as well until just recently. One of the first things I usually do to a system in my house is change the workgroup to the one I use for all my machines, but I noticed on my daughters new laptop with vista that I hadn't done this to right away was able to see and access my shares even though it was not a part of the same workgroup. I was assuming this had something to do with vista, but apparently it does not.

On the same note, my company laptop that is on a domain can not see my other systems in the house. So I am assuming because it is a domain, regardless of being logged on to the company VPN or not, things are different?

I really need to brush up on this stuff... :rolleyes:

Variable please explain if you would.

Simple File and Print sharing is only related to security. It does not have anything to do with network shares, how things are shared or what shares you can see.That's part of the reason why I was saying that Simple File Sharing was an obfuscation because the issue here is not (so far) anything to do with access but with "visibility".

Hardware can be involved - don't ask me why - because I have been able to ping other LAN machines and router from a laptop with a PCMCIA RJ45 NIC. One card allowed normal visibility and access; an "identical card" didn't - (no MAC address filtering involved and also direct crossover connection worked with one and not with the other NIC).



NONE of them can see each other under My Network Places.Leaving all theory aside - is there any functional advice that can help resolve the practical problem?



Assume two workgroups "ONE" and "TWO".
Shared folders on "ONE" will be visible and accessible on computers setup as part of the "TWO" workgroup?I would rephrase what you have said and say that workgroups ONE and TWO should both appear in the Microsoft Network Tree as long as PCs belonging to both workgroups are active on the LAN. Those PCs under ONE would be visible there when expanded and the PCs on TWO would be visible under TWO when expanded. If the workgroup on any particular PC is changed from ONE to TWO (or to something different) it should reappear under the refreshed tree and with exactly the same shares that it had beforehand.

The need for different workgroups is only really of relevance on large networks to help find particular PCs on the Network. Just having one workgroup simplifies and speeds things up that's all. Also don't expect changed workgroups to update immediately; if you change a PC's workgroup name it may well appear (and be equally accessible) for a while under both its original and its new name.

There is no network file security with Simple File Sharing. It was created so that Home computer users with no networking knowledge can share files between computers on their home network.Musing about this whole area has made me realise (even re-realise) how these two issues of file sharing and security/permissions so often get mixed up when they are talked about in all sorts of discussions.

Just to get one thing out of the way, it is worth saying that even though the only "option" is SFS in XP Home that one can still alter the security and permissions of folders - BUT IT MUST BE DONE BY AN ADMIN FROM SAFE MODE. Doing this clearly demonstrates the complete distinction between file/folder sharing and security since you cannot alter file sharing at all when in Safe Mode!

SFS may make LAN setup easier or not - and I'm not convinced that it does - but what it does do is to make it simple for multiple users on one standalone PC to make an area of their own Documents and Folders Folders public or private TO OTHER USERS OF THAT PC. In order to take this very area out the equation, when sharing folders for network access, I always recommend using or creating folders that are not within the Documents and Settings area at all. After all, if you are sharing for the network why would you want to hide stuff/make it inaccessible from other users of the same PC.

Final point about workgroups in XP is that it is possible to view "Computers under Workgroup". This lists all the PCs that are part of the same Workgroup as the current PC, whether it is called WORKGROUP or something else. You have to look at the full Network tree to see any other Workgroups.

I also want to correct what I said about Vista and sharing the root of the drive. It can be shared but if you don't use "the Vista way with its wizards or what not" not only ordinary folders but also the root of the drive may appear to have read/write access for Everyone but when you try to access from another PC you get "Denied Access".

On the same note, my company laptop that is on a domain can not see my other systems in the house. So I am assuming because it is a domain, regardless of being logged on to the company VPN or not, things are different?

Sorry for the long wait. I was busy and then went on a vacation.

When your XP Pro laptop joined the domain it's workgroup was probably WORKGROUP. It still is but you cannot see it. Your home network must be something different. If you change your home network or a pc on your home network to WORKGROUP and reboot, then add your laptop and the PC you changed to the same switch you will probably see it. You may be able to find the workgroup name in the registry as well. But it is a safe bet it was WORKGROUP.