Workgroup or domain??

[sparker11]

I have 2 computers plus a work laptop. I have a D-link 704P router and a cable Internet connection.

I have the workgroups working fine w/the 2 computers (one being win xp and the other win2k server). Is it better to have the server as a domain controller or just leave it as workgroups?

Someone recommended I put my domain the same as work so I can see the stuff on my work laptop.

Just some thoughts.

[dudephil]

Leave it as a workgroup. A domain is designed for more than 10 computers and will not help network performance in the least. If you are looking for a way to access your work computer while it is on your home network, and it is a member of another domain, just map to the shared folder using the UNC. \\name of computer\sharename. You don't have to be members of the same domain or workgroup to see each others files.

[sparker11]

I'm guessing I'd have to allow for "guest" accounts so I can then enter the user id and password if i use \\<computer name>\c.

It seemed the only way for that to work.

Thanks!

[SkyDog]

Originally posted by sparker11
I'm guessing I'd have to allow for "guest" accounts so I can then enter the user id and password if i use \\<computer name>\c.

It seemed the only way for that to work.

Thanks!

It depends on the operating system you're using. If you're using Windows NT, 2000, or XP, you should be prompted for authentication if you use an UNC path like \\COMPUTER\C$. If you're using Windows 9x or ME, though, you'll just get an "Access Denied" error message unless the Guest account is enabled (or you resort to other assorted trickery).

[sparker11]

Skydog,

First, thanks for the response! I did get prompted once for the id/password going from my home pc to my laptop and all worked fine, but when I try the other way no-joy.

I'm using the following:

Win2K - work laptop
Win XP - home PC
Win2K server - home server

I'd like to be able to access the laptop via my homepc/server and vice-versa.

I've read a few threads and have tried some of the suggestions. I currently have a workgroup setup for my 2 home PC's and my laptop belongs to a domain.

Any best practices/policies anyone would suggest? I have disabled the guest account on my home network (as some have suggested).

Thanks again.

[SkyDog]

Since they're all 2K or XP, this ought to be pretty easy.

What user ID & password do you use to log into your home systems? Create a new local account on your laptop using the EXACT same user ID and password, and give that account permission to whatever you want access to. (Or if you want full access, put that account in the local administrators group.)

Now create an account on your home machines using the EXACT same user ID and password you use to log into your domain at work, and add this new account to the local admin accounts on your home computers.

Now when you log into your work computer and try to access the home computers (or vice versa), they should recognize your user ID and password and grant you access.

Just remember that when you change your domain password at work, you'll need to duplicate that change on your home systems.

[sparker11]

Ok, I was able to see my pc using my laptop but ONLY when I use a user that is local to the laptop.

In other words, if I use my work account which is <work domain>\<my id> I get the following error:

"There are currently no logon servers available to service the logon request."

However, when I create a local user on my laptop I can search and get to the shared PC drive.

Any ideas? Any way to get around this?

[Sprint_ST_NYC]

Originally posted by sparker11
Ok, I was able to see my pc using my laptop but ONLY when I use a user that is local to the laptop.
In other words, if I use my work account which is <work domain>\<my id> I get the following error:
"There are currently no logon servers available to service the logon request."
However, when I create a local user on my laptop I can search and get to the shared PC drive.
Any ideas? Any way to get around this?

Remember, in a domain, the PC does NOT handle authentication. Whenever anyone tries to access it, it will pass on the logon to a domain controller. Unless you specify a local account.

The reason you can log into a laptop with a domain account when it's not connected to the network the domain controller on is simple, and intentional - it keeps a hash of your password as part of your profile. So you can log in; it figures if you were able to log in before, you're probably safe. (BTW, you can turn off this behavior with a registry tweak if you want).

However, being able to log into a workstation locally doesn't mean you'll be able to access it over the network. Any attempt to access it remotely will require access to a domain controller. Come on, you don't want workstations authenticating logons - that's what a domain controller is for. If you're trying to access network resources over the network, the admins want to make sure your account isn't disabled, locked out, etc.

So there is no way around this except for what you've already discovered - using a local account. Or convincing your job to put a DC in your house.

[SkyDog]

I seem to remember using my work laptop at home and being able to access network shares while logged into my domain account, via a local account on the home systems that uses my exact domain username and password.

For example, let's say I'm logged into my laptop as DOMAIN\User with a password of PASSWORD. If I've defined a local account named User on my home machines with a password of PASSWORD, the home machines would authenticate successfully using the username and password, ignoring the domain name.

I'm not 100% certain this would work, but I think I've used this method before. Maybe I'll try it again to verify sometime.

[sparker11]

Skydog -

Once again thanks for the post. I'll give it another try tonight. I did try setting up a local user w/say sparker11 on my home pc. I logged into my worklaptop DOMAIN/sparker11 but I got the error I showed in the previous post.

The interesting thing is if I created a LOCAL user on my laptop and did the same on my home pc all is fine.

I was just curious if I had a protocol setup or something like that ... once again thanks for the posts.