Sharing resources on Windows and Linux. Sharing Resources Lab

Published on February 18, 2009 by No Comments

In the previous article, I talked about the OSI model and how it serves as a model for applying abstraction between physical devices and software. In this article, I was first going to talk about how protocol stacks relate to the OSI model. But after some deliberation, I decided that this topic is rather confusing and of little value to network administrators. With that in mind, I want to talk about how to make resources available on the web.

So, I want to focus my attention on how to make resources available over the network. If you stop and think for a while, you will realize that the main reason for networking is to arrange resources so that they can be shared by multiple computers. Resources can come in many different forms. Sharing resources often means sharing files and folders, but not always. In the days when I started working with networks, printers were very expensive, so very often there were situations in which companies created networks only so that one printer could be used by several employees. This allowed the company to save money on the purchase and maintenance of a separate printer for each employee.

Even small home networks are created for the purpose of sharing resources. The most common home networks include a wireless access point, which also doubles as an Internet router. In such networks, the Internet is precisely the resource that is shared. In such scenarios, there is simply no need to have a separate Internet connection for each computer, as one connection can be shared.

As you can see, there are many different types of resources that can be shared across the network. The process of providing access to resources will vary depending on the type of resources to be shared and the operating systems used on the network. I'll start my discussion by talking about how you can provide access to files and folders over the network.

Before you start

Before I get started, I would like to briefly mention that the information I am about to provide you is based on Windows Server 2003. Windows Server 2003, Windows XP, and all previous versions of Windows work with approximately the same access to files and folders. principle. The steps you use to share resources are slightly different on these systems, but the basic principles are the same. Windows Vista takes a different approach to sharing resources than its predecessors, so we'll talk about it in later articles in this series. For now, just remember that most of what I'm going to show you doesn't apply to Vista.

Create a file share

If you want to enable sharing of files stored on the server, you first need to create a file share. A file share is a specially created access point through which users can access files. The reason the file share is needed is because from a security standpoint it would be too risky to open up access to all of the server's content.

Creating a file share is a very simple task. To do this, you just need to start the process by creating a folder in the place where you want to place the shared data. For example, many file servers have a designated storage array or data drive dedicated solely to storing data (not program files and OS components).

In most cases, you have a fairly large number of folders, the contents of which need to be shared. Also, each of these folders must have their own specific security requirements. You can create a separate resource for each folder, but this is generally not considered a good idea unless each resource is located on a different drive. There are exceptions to each rule, but in most cases you will need to create one file share for each volume. You can place all your folders in one such resource, and then assign the necessary permissions to each individual folder. As you progress through this article, you will begin to understand why creating multiple file shares is such a bad idea.

If you already have multiple folders, don't worry about them. You can easily create a new folder and move existing folders into it. Another option is to create the file share at the volume level, in which case you do not have to move the existing folders.

For the purposes of this article, we will assume that you have created a folder that will include subfolders, and that you will share that folder. When you have created a folder, right-click on it and select the "Access / Security" command from the menu that appears. You will then have a property page, as shown in Figure A.

Figure A: The Sharing tab gives you the option to share the folder

As you can see in the figure, the Sharing tab allows you to control whether this folder will be shared. When you select the "Share this folder" option, you will be prompted to enter a name for the resource. The name you choose is very important. Windows is not so picky about resource names, but even so, I would recommend giving the resource a name less than sixteen characters long and avoiding the use of spaces and characters for backward compatibility. It should also be noted that if you give a resource a name that ends with a $ character, the resource becomes invisible. Windows has several default hidden resources, which I will discuss later.

The Comments field allows you to enter comments about what this resource will be used for. This is for administration purposes only. Comments are optional, but documenting resources has never been a bad idea.

Now take a look at the User Restrictions section. You will notice in the figure that the default value for this parameter is "Maximum Allowed". Whenever you install a Windows server, you must have a client access license. You have the option to either purchase licenses for each individual client, or create a server license that will support a certain number of connections. Suppose you have multiple servers, in such situations it is usually cheaper to license clients than individual servers. In any case, when user restrictions are set to "Maximum Allowed", an unlimited number of clients will be able to connect to the resource as long as the number of connections matches the number of licenses you have purchased. If you use the licensing model for each client separately, then access to the resource is technically unlimited, but each client must have a license.

Another option here would be to allow a certain number of users to connect to this resource. This option has almost nothing to do with licensing, but is directly related to performance. Low-capacity hardware may not support a large number of client connections. Thus, Microsoft gives you options to limit concurrent connections to a resource so as not to overload your hardware.

Conclusion

In this article, I started talking about how to share resources on the network. In the next part of this series, I'll walk you through how to set permissions on the resources you create.

Recently, the popularity of Linux has been growing literally every day. Linux is a high-performance, non-commercial operating system, one of the flavors of Unix. As you know, it was created by a graduate of the University of Helsinki Linus Torvalds. The main advantages of Linux are openness and multithreading, in addition, it has the ability to clearly delineate resources and user access levels. Today many software vendors support this operating system; among them we will single out Oracle and Informix.

This article discusses how to share resources between Windows and Linux operating systems using the Samba suite.

What is SAMBA?

Samba is a set of programs that are designed to organize client access to the server's file space and printers using the SMB (Server Message Block) and CIFS (Common Internet Filesystem) protocols. Originally written for Unix, Samba now also runs on other operating systems such as OS / 2 and VMS. This means that these operating system tools such as file server and print server can be used for SMB and CIFS clients. Currently there are corresponding clients for DOS, Windows NT, Windows 95, Linux smbfs, OS / 2, Pathworks. The SMB protocol is used by Microsoft Windows NT and 95 to provide access to disks and printers.

With SAMBA it is possible to:

• provide access to the file system under Linux for Windows machines;
• get access to the file system under Windows OS for Linux machines;
• provide access to printers under Linux OS for Windows machines;
• access printers under Windows OS for Linux machines.

The components of the Samba package perform the following functions:

• The smbd daemon provides file and print services for SMB clients such as Windows 95/98, Windows for Workgroups, Windows NT, or LanManager. The configuration for this daemon is specified in the smb.cfg file.
• The nmbd daemon provides Netbios nameserver support for clients. It can be run interactively to poll other name service daemons.
• The smbclient program is a simple SMB client for UNIX machines. It is used to access resources on other SMB-compatible servers (such as Windows NT), and also allows a UNIX station to use a remote printer connected to any SMB server (for example, a computer with WfWg).
• The testparm utility is designed to check the smb.conf configuration file.
• The smbstatus utility allows you to find out who is currently using the smbd server.
• The nmblookup utility allows you to query NetBios names from UNIX machines.
• The make smbcodepages utility creates files to describe the SMB code page.
• The smbpasswd utility allows you to encrypt passwords.

Each component is described in detail in the manual pages supplied with the Samba package.

Installation

Samba is very easy to install and configure.

So, let's begin.

For the Samba package to work, two daemons must be started:

• smbd (SMB daemon);
• nmbd (NetBIOS name server daemon).

They are installed in / usr / sbin and can be started either manually or automatically at boot from system scripts or from inetd.conf. Let's take a look at both automatic launches.

The first way is from the system startup scripts. You need to write the following script to the /etc/rc.d/init.d/smb file and create symbolic links to it with the filenames specified in the comments.

#! / bin / sh # # /etc/rc.d/init.d/smb - starts and stops SMB services # # The following files must be symbolic links to this file: # symlinks: /etc/rc.d/rc1 .d / K35smb (Kills SMB services on shutdown) # /etc/rc.d/rc3.d/S91smb (Starts SMB services # in multiuser mode) # /etc/rc.d/rc6.d/K35smb (Kills SMB services on reboot) # # Function library source. ... /etc/rc.d/init.d/functions # Source for network configuration. ... / etc / sysconfig / network # Check network. [$ (NETWORKING) = “no”] && exit 0 # See how we call here. case “$ 1” in start) echo -n “Starting SMB services:“ daemon smbd -D daemon nmbd -D echo touch / var / lock / subsys / smb ;; stop) echo -n “Shutting down SMB services:“ killproc smbd killproc nmbd rm -f / var / lock / subsys / smb echo “” ;; *) echo “Usage: smb (start | stop)” exit 1 esac

Second way. Starting SMB daemons from inetd. To do this, you need to include the following lines in your /etc/inetd.conf file:

# SAMBA NetBIOS services (for PC file and print sharing) netbios-ssn stream tcp nowait root / usr / sbin / smod smod netbios-ns dgram upd wait root / usr / sbin / nmbd nmbd

Kill –HUP 1

Choose one of the methods for starting daemons and apply it. It should be noted that when you install the SAMBA package, the daemons are always included in the "machine" by default. So the scripts do not need to be edited.

After we figured out how to start daemons, we need to configure the SMB server. This operation consists in setting up the main configuration file - /etc/smb.cnf.

Smb.cnf configuration file

Samba configuration on Linux (or other UNIX machines) is controlled by a single file, /etc/smb.cnf. This file defines which system resources you intend to give clients access to and what restrictions you intend to impose on the use of these resources.

Consider this file. It consists of sections and parameters. Sections begin with a title enclosed in square brackets and continue until the beginning of the next section. They contain parameters of the following form:

'Name = parameter'

All records in the file are lines. Each line can be a comment, section name or parameter. Sections and parameter names are not case sensitive.

Each section in the configuration file (except for the section) describes an access resource. The section name is the name of the access resource. The access resource includes the path to the access directory and a description of user access rights.

For example, let's create a / common directory on disk and allocate it as a network share for all read and write clients:

Path = / common public = yes guest ok = yes writable = yes printable = no

All files written by any user to this resource will have the following rights:

• for the creator - everything (read, write, execute);
• for a group (which the user belongs to) - reading;
• for everyone else, reading.

If we want to grant rights to all users to any file, we need to add the following line to this section:

Create mask = 0777

There are three special sections:

1. This section defines some variables that Samba will use to define access to all resources.
2. The section allows remote users to access their (and only their) home directories on a Linux machine. So if Windows users try to connect to this partition from their Windows machines, they will be connected to their personal home directories. Note that in order to do this, they must be registered on this Linux box.
3. The section is similar to, but for printers.

To understand the upper and lower case SMB server in the file names in the section, you need to uncomment the line

Case sensitive = yes

An example of a part of a file:

; Uncomment this line if you want to give access; user "guest"; guest account = nobody log file = /var/log/samba-log.%m; log file path lock directory = / var / lock / samba share modes = yes; On the network, the resource will be visible as a username; or will be absent,; if the user is not found comment = Home; The comment will say “Home” guest ok = no; Deny guest access browsable = no; We will not show others read only = no; Let us write create mode = 700; The created files will be visible only to the user; Under this name, the resource will be visible path = / var / public; Resource path comment = Welcome! ; What will be written in the detailed listing force user = nobody; Files will be processed; on behalf of nobody guest ok = yes; Whether access is possible for any user browsable = yes; Whether the resource appears in the listing read only = no; Not just for reading. comment = Temporary file space path = / tmp read only = no public = yes

Accessing Linux disks from Windows

Organization of access to Linux disks is very simple and boils down to just editing the smb.cnf configuration file, that is, adding a section (how this is done was discussed above).

Accessing Windows disks from Linux

The SMB client for UNIX machines is included with the Samba distribution. It provides an ftp-like command line interface. You can use this utility to transfer files from a Windows server to a Linux client. In order to see what resources are available on a given machine, you need to run the command:

/ usr / sbin / smbclient -L host

where "host" is the name of the machine whose available resources you want to see. This command will return a list of “service” names — that is, the names of drives or printers that can be accessed. Until the SMB server is configured to control access, it will ask for a password. In response to the request, enter the password for the user "guest" or your personal password on this machine.

For instance:

Smbclient -L redfox

The output of this command should look something like this:

Server time is Sat Aug 10 12:01:11 1998 Timezone is UTC + 3.0 Password: Domain = OS = Server = Server = User = Workgroup = Domain = Sharename Type Comment ---- - ---- ADMIN $ Disk Remote Admin public Disk Public C $ Disk Default share IPC $ IPC Remote IPC OReilly Printer OReilly print $ Disk Printer Drivers This machine has a browse list: Server Comment ---- ---- ALEX Samba 1.9.15p8 MARRY Samba 1.9.15p8 VASER Samba 1.9.15p8 REDFOX

Browse list shows other SMB servers on the network with available resources.

To use the client, run the following command:

/ usr / sbin / smbclient service

where "service" is the name of the machine and service. For example, if you are trying to access a directory that is accessible under the name "public" on a machine named "redfox", then the service name should be \\ redfox \ public. However, due to shell limitations, you need to hide the backslash, so that the final command line looks like this:

/ usr / sbin / smbclient \\\\ redfox \\ public mypasswd

where "mypasswd" is your password character string.

You will receive an smbclient prompt:

Server time is Sat Aug 10 12:01:11 1998 Timezone is UTC + 3.0 Password: Domain = OS = Server = Server = User = Workgroup = Domain = smb: \>

For help using smbclient, type h:

Smb: \> h ls dir lcd cd pwd get mget put mput rename more mask del rm mkdir md rmdir rd prompt recurse translate lowercase print printmode queue cancel stat quit q exit newer archive tar blocksize tarmode setmode help? ! smb: \>

Linux Printer Access for Windows Clients

To provide Windows machines with access to a Linux printer, you need to make sure that the printer works under Linux. If you can print on Linux, then accessing the printer will be very simple.

Add the printer setting to your smb.cnf file:

Printing = bsd printcap name = / etc / printcap load printers = yes log file = /var/log/samba-log.%m lock directory = / var / lock / samba comment = All Printers security = server path = / var / spool / lpd / lp browseable = no printable = yes public = yes writable = no create mode = 0700 security = server path = / var / spool / lpd / lp printer name = lp writable = yes public = yes printable = yes print command = lpr -r -h -P% p% s

Make sure the path to the printer (in this case for) matches the spooled directory specified in / etc / printcap!

It should be noted that there are some problems with accessing printers on UNIX machines for Windows NT machines using Samba. One is that NT does not correctly see the network printer, the other is related to the password problem. Review the docs / WinNT.txt file for your Samba distribution to resolve these issues.

Windows Printer Access for Linux Clients

To access a printer installed on a Windows computer, you need the following:

• You must have the correct entries in the / etc / printcap file, which must match the local directory structure (for the spooled directory, etc.).
• You should have a script / usr / bin / smbprint. It comes with the Samba sources, but not all Samba binaries. Its slightly modified copy is discussed below.
• If you want to convert ASCII files to Postscript, then you must have nenscript or its equivalent. nenscript is a Postscript converter and is usually installed in the / usr / bin directory.
• You can simplify the Samba printing process by using add-on programs. A simple perl script that handles ASCII, Postscript, or converted Postscript is shown below.
• The entry in the / etc / printcap file below is for an HP 5MP printer on a Windows NT server. The following fields in the / etc / printcap file are used:

cm - comment

lp - the name of the device to open for output

sd - printer spool directory (on local machine)

af - printer usage accounting file

mx - maximum file size (zero - no limit)

if - the name of the input filter (script)

For more information on printing, see the Printing HOWTO or the printcap man pages.

# / etc / printcap # # // redfox / oreilly via smbprint # lp: \: cm = HP 5MP Postscript OReilly on redfox: \: lp = / dev / lp1: \: sd = / var / spool / lpd / lp: \: af = / var / spool / lpd / lp / acct: \: mx # 0: \: if = / usr / bin / smbprint:

Make sure the spooled directory and the directory used for accounting exist and are writable. Make sure the "if" line contains the correct path to the smbprint script (given below) and that the entries point to the correct output device (/ dev special file).

You may want to take a closer look at it. There are a number of small changes that have proven to be useful.

#! / bin / sh -x # This script is an input filter for printcap # based printing on UNIX machines. It uses the smbclient program to # print the file to the specified smb server and service. # For example, you might have a printcap entry like this # # smb: lp = / dev / null: sd = / usr / spool / smb: sh: if = / usr / local / samba / smbprint # # which creates UNIX- a printer named "smb" which will # print with this script. You need to create a spool directory # / usr / spool / smb with proper permissions and ownership # Install the server and service you want to print to here. # In this example I have a PC with a WfWg PC called “lapland” which # has an exported printer called “printer” with no password # # The script was modified next [email protected](Michael Hamilton) # so the server, service and password can be read from # /usr/var/spool/lpd/PRINTNAME/.config # # For this to work, the entry in / etc / printcap must # include an accounting file usage (af = ...): # # cdcolour: \ #: cm = CD IBM Colorjet on 6th: \ #: sd = / var / spool / lpd / cdcolour: \ #: af = / var / spool / lpd / cdcolour / acct: \ #: if = / usr / local / etc / smbprint: \ #: mx = 0: \ #: lp = / dev / null: # # File / usr / var / spool / lpd / PRINTNAME /. config should contain # server = PC_SERVER # service = PR_SHARENAME # password = ”password” # # For example, # server = PAULS_PC # service = CJET_371 # password = ”” # # Debugging log file, change to / dev / null if you like. # logfile = / tmp / smb-print.log # logfile = / dev / null # # The last parameter to the filter is the accounting file name. # spool_dir = / var / spool / lpd / lp config_file = $ spool_dir / .config # Should read the following variables set in the config file: # server # service # password # user eval 'cat $ config_file' # # Some debugging help, change the >> to> if you want to same space. # echo “server $ server, service $ service” >> $ logfile (# NOTE You may wish to add the line 'echo translate' if you want automatic # CR / LF translation when printing.echo translate echo “print -” cat) | / usr / bin / smbclient “\\\\ $ server \\ $ service” $ password -U $ user -N -P >> $ logfile

Most linux distributions come with nenscript for converting ASCII documents to Postscript. The following perl script makes life easier for the user by providing a simple interface for printing using smbprint.

Usage: print [-a | c | p] -a prints how ASCII -c prints formatted as source -p prints as Postscript If no options are given, the program will try to determine the file type and print accordingly

Using smbprint to print ASCII files, the script keeps track of long lines. If possible, this script breaks the long line at a space (instead of a break in the middle of a word).

Source code formatting is done with the nenscript program. It takes an ASCII file and formats it into two columns with a title (date, file name, etc.). This program also numbers lines. Postscript documents are already formatted, so they print right away.

Russification and testing of the configuration file

The SAMBA package supports any encoding used in file names. In order to be able to use encodings with the Russian alphabet, it is necessary to add several lines to the configuration file /etc/smb.cnf in the section:

Character set = KOI8-R client code page = 866

You can test the smb.cnf configuration file using the testparm utility. If there are no errors in the configuration file, testparm will report this and list the services in use, otherwise you will receive an error message.

ComputerPress 10 "1999

Under resources PC will be understood as any of the following elements:

• · Logical drives, including drives on CD-ROM, DVD and other similar devices;
• · Directories (folders) with or without subdirectories (subfolders), as well as the files they contain;
• Devices connected to a PC: printers, modems, etc.

A resource accessible only from the PC on which it is located is called local. The PC resource available to other computers on the network is called shared or network (shared, shared). A local resource can be made shared and, conversely, a shared resource can be returned to the local status, i.e., other network users can be denied access to it.

Creation of shared network resources and access to them are provided by special network operating systems... The basic network capabilities of network operating systems allow one computer on the network to process data (enter, edit, copy, delete, search) located on another.

Usually one or more powerful PCs are used (dedicated servers) that provide their resources for sharing on the network. The shared access system works on the principle of sharing the operating time of the main computer.

Depending on the network resources used in hierarchical networks, the following types of servers are distinguished.

1. File server.

In this case, the server contains shared files and / or shared programs. At the same time, workstations contain only a small (client) part of the programs that require insignificant resources. Programs that allow this mode of operation are called network installable programs. The requirements for server power and network bandwidth for this method of use are determined by the number of simultaneously working workstations and the nature of the programs used.

2. Database server.

The server hosts a database that can be replenished from various workstations and / or provide information upon requests from a workstation. There are two fundamentally different modes of processing requests from a workstation or editing records in a database:

• · From the server, the database records are sequentially sent to the workstation, where the actual filtering of the records and the selection of the necessary ones are performed;
• · The server itself selects the necessary records from the database (implements the request) and sends them to the workstation.

In the second case, the load on the network and the requirements for workstations are reduced, but the requirements for the computing power of the server increase sharply. However, this is the most efficient way to handle requests. This method of satisfying requests from workstations is called the mode client-server, it is implemented by special tools for working with modern network databases. In systems client-server data processing is split between two entities: client and server. The client is a task, a workstation, a user. It can form a request for the server: read a file, search for a record, etc. A server is a device or computer that is processing a request. He is responsible for storing data, organizing access to this data and transferring data to the client.

3. Print server.

A sufficiently productive printer is connected to a computer of low power, on which information can be printed from several workstations at once. The software organizes the queue of print jobs and also identifies the printed information with special pages (tabs) that separate the printed materials of different users.

4. Mail server.

The server stores information sent and received both over the local network and from the outside (for example, via a modem). At any time convenient for him, the user can view the information received in his name or send his information through the mail server.

Access to network resources of the local area network

To work in a local network, the system folder Network Neighborhood is used, in which all available LAN resources are displayed.

To display a list of all computers included in the workgroup, click on the "Show computers in the workgroup" item in the "Network Tasks" command panel of the "Network Neighborhood" window.

By double-clicking on the icon of any of the remote computers in the Network Neighborhood window, you can see what its resources are available for work. You can work with these remote resources in the same way as with files on local drives in Explorer.

Management of network access to disks, folders, printer

In order for other LAN users to be able to access your PC's resources, such as a printer, logical drives, folders and files, you must open network access to these resources and set user rights to work with each of these resources.

Are common(shared resources) Is a special kind of public goods. Unfortunately, it is not always presented at its true worth. In this case, community means not the legal category of common property, but the general regime of joint economic use of resources, the need for which is determined by significant non-economic restrictions that exclude their free reproduction. Although it is precisely in connection with non-economic limitations of reproducibility, it is necessary to take into account their essential economic features. First, they are, as a rule, not of a consumer, but of a production nature. Secondly, these are capital goods, for which it is necessary to determine the mode of use in a long period not only in a chronological, but also in an economic sense, when it is necessary to assume and consider the possibility of any changes regarding the probability of preserving and depleting a given resource. Third, they usually have a stable asymmetry of the properties of competitiveness and exclusion, i.e. competitive (are objects of competition), when they do not have the property of exclusivity, and, conversely, cease to be competitive when they acquire exclusivity, or, in other words, “non-excludable when competitive” (creation and use of knowledge, information, including land cadastres, meteorological service), and “non-competitive when excluded” (use of non-renewable natural resources, including oil and gas production).

To date, these two types of common (shared) freely non-reproducible resources have been quite clearly defined. They are located at the poles of the resource system: non-reproducible natural resources and practically limitless intellectual and information resources. Access to them, especially in Russia, only seemed to be practically free because they are of great variety and enormous scale. Unfortunately, it is only in recent years that the meaning and significance of the problems of limited non-reproducible natural resources and non-reproducibility of limited (rare) natural resources have begun to be realized. Information and intellectual resources cannot be considered freely reproducible due to their uniqueness, uniqueness of fundamental discoveries and inventions, talents and creativity of their authors.

Non-reproducible natural resources include areas of the territory and water area of ​​the country, region, subsoil, minerals, airspace (air routes), shelves, electromagnetic fields (radio frequencies). Non-economic (physical, chemical, bio-, physiological, ethological, etc.) restrictions are imposed on the reproduction of forestry and agriculture, fisheries and other ecosystems, including soil (humus) and other biogeocenoses. As a rule, the effective scales (boundaries) of their reproduction do not coincide with the contours of the system and property objects. Something similar arises in relation to the reproduction, creation and use of information and intellectual resources.

Historically, a situation has developed when the Russian state has become the main seller of natural resources and the main buyer of information and intellectual resources. Maybe this phenomenon should be considered not only as a feature of the national economy of Russia, but also as a general economic law of the economy with the domination of common freely non-reproducible resources in national assets?

Not always strictly legally, but always in the form of real law, as well as institutionally, organizationally and economically, the general regime for the use of non-reproducible natural resources has taken shape and consolidated itself as a natural monopoly of the state (or local governments, municipalities) on their sale, leasing, in concession and other forms of use. The results of fundamental science and related education (training young scientists and specialists for fundamental science) rarely find buyers and customers in the private, not only consumer, but also business, sector of the economy. Therefore, in the scientific and educational sphere, a state monopsony quite naturally arises, when the state, in the national interests, plays the role of organizer, coordinator, customer, buyer, creditor, financier, licensor and carrier of other functions necessary to ensure national competitiveness in the field of fundamental science and education.

An important feature of shared resources is the inelastic nature of their supply. As shown above (topics 9, 10), in such cases, numerous, diverse, large rental incomes arise ( natural resource rent, land, mining, absolute, relative, monopoly, economic, quasi rent, etc.). Recently, in the theory of rent, such new types of it have been considered, such as rent state, financial, insurance, infra-marginal, postponed, regional, informational, intellectual, etc.

It seems that some features of common, shared, freely non-reproducible resources that generate rental income have many elements of national wealth and national assets - the health of the nation, human capital, national ecological potential, etc. In this regard, new resource and rental concepts of income are developing. , costs, taxation, etc.

Professional lets you share almost everything on the network - files and folders, printers, and even applications. In this lecture, we'll talk about how to share network resources.

First, we'll cover the specifics of sharing applications, files and folders, hard drives, and printers. Then we'll discuss managing shared resources, and finally, back to the issue of network security and talk about the specifics of how to protect open network resources, whether it be protection through permission management or administrative work with users who have access to network resources.

Sharing concept

In Windows XP Professional, you can share files, folders, printers, and other network resources. These resources can be accessed either by other users on the local computer or by users on the network. This section explains how to set up sharing in a Windows XP Professional system.

We will first discuss sharing folders and hard drives, then we’ll turn to using printers, and finally we’ll discuss application sharing using Windows Messenger as an example.

Sharing folders and hard drives

The main purpose of networks is information sharing. If it wasn't for the ability to share files and folders, there would be no reason for networking. Windows XP Professional allows you to share folders and hard drives in several ways. Sharing is easy enough. How resources are shared will depend on how Windows XP Professional is configured.

Sharing at the folder level is the base (source) level at which you can manage. You cannot implement sharing a single file. It must be moved or created inside a shared folder.

Sharing implementation

If you need to introduce file sharing, then it will be quite easy to do. Navigate to the desired folder, right-click on it and select Properties from the menu that appears. Click on the Sharing tab and configure the details. The settings you choose will depend on several factors: First, enabling or disabling Simple File Sharing provides different options. The file system you are using - NTFS or FAT - also affects sharing. We'll discuss options for these settings later in the chapter.

To share network resources, you must first initiate File and Printer Sharing for Microsoft Networks in the network dialog box. If you do not see the Sharing tab in the folder properties dialog box, then this service is not connected. Typically this service is automatically installed by the Network Setup Wizard. If you need to install it, follow these steps.

Note. File and Printer Sharing for Microsoft Networks should only be installed on peer-to-peer networks of Windows computers.

1. Click on Start, right-click on My Network Places, select Properties, right-click on Local Area Connection and select Properties.
2. Click on the General tab.
3. Click the Install button. The Select Network Component Type dialog box appears.
4. Select Service and click the Add button.
5. Select File and Printer Sharing for Microsoft Networks and click OK.
6. You will be returned to the Local Area Connection window and you may be prompted to insert the Windows XP Professional CD.
7. Click on OK to save your changes.

Access levels

Windows XP professional offers five levels of access to files and folders. They are useful to know so that you can customize your credentials to suit your organization's resource sharing needs. These are the levels.

• Level 1. My documents. This is the level of the most severe restrictions. The only person entitled to read these documents is their creator.
• Level 2. My documents. This is the default level for local folders.
• Level 3. Files in open (for general use) documents are available to local users.
• Level 4. Shared files on the network. At this level, all network users can read these files.
• Level 5. Shared files on the network. At this level, all network users can not only read these files, but also write to them.

Note. Level 1, 2, and 3 files are only available to locally registered users.

In the following paragraphs, the specifics of these levels are discussed in more detail. To clarify the creation of these access level configurations, the security level setting process is shown using an example of a system with the Simple File Sharing option enabled.

Level 1. This level is the most stringent in terms of protection. At level 1, only the owner of a file can read and write to their file. Even the network administrator has no access to such files. All subdirectories that exist in a level 1 folder retain the same security level as the parent folder. If the owner of the folder wants some files and subdirectories to be available to others, then he changes the security settings.

The ability to create a Level 1 folder is only available to a user account and only within their own My Documents folder. Follow the steps below to create a Level 1 folder.

1. Click the Make this folder private box.
2. Click OK.

Level 2. At level 2, the file owner and administrator have read and write permissions to the file or folder. In Windows XP Professional, this is the default setting for each user file in the My Documents folder.

Follow the steps below to set security level 2 for a folder, its subdirectories and files.

1. Right click on the desired folder and then click on Sharing and Security.
2. Clear the Make this folder private and Share this folder on the network check boxes.
3. Click OK.

Level 3. Level 3 allows you to share files and folders with users who log on to the computer on the local network. Depending on the type of user (see Network Security for more information on user types), they may (or may not) perform certain actions on Level 3 files in the Shared Documents folder.

• Local Administrators and Power Users have full access.
• Restricted users have read-only access.
• Remote users do not have access to level 3 files.

Setting Level 3 permissions requires moving the desired folders and files to the Shared Documents folder.

Level 4. At the fourth level, files are readable by all remote users. Local users have read access (this also applies to Guest accounts), but they do not have the right to write and modify files. At this level, anyone with access to the network can read the files.

Follow these steps to create level 4 permissions for a folder.

• Clear the Allow network users to change my files box.
• Click OK.

Level 5. Finally, level 5 is the most permissible level in terms of file and folder security. Anyone on the network has carte blanche to access Level 5 files and folders. Since anyone can read, write, or delete files and folders, this level of security should only be implemented on closed, secure, and secure networks. Follow the steps below to set the level 5 permissions.

1. Right click on the folder and then click on Sharing and Security.
2. Check the Share this folder on the network checkbox.
3. Click OK.