For Geeks @nd the not so Geeky

Small Office Network – Building a Network

Network Small Office – File and Printer Sharing

If you want to share more than just the default shares like administrative shares preceded by the $ sign or the C:\users\public share you will have to configure the shares manually. Public folder sharing is turned off by default in Windows 7. To configure small office network settings for a computer network setup go to Control Panel – All Control Panel Items – Network and Sharing Center – Advanced sharing settings.

How to Set Up a Small Office Network – Advanced Sharing Options/Settings

  • Network Discovery– Allows the client to be discovered on the network and likewise discover other devices. Disabling this setting does not influence other sharing options
    small office network
  • File and Printer Sharing
  • Public Folder Sharing – Automatically grants public folder read and write access to other network users
  • Media Streaming – Grants access to pictures, videos and music on the client  and the ability to discover other s hared media available on Windows 7 clients on the network
  • File Sharing Connections – Allows for 40 -, 56 – bit encryption for older devices that do not support the recommended 128 – bit encryption
  • Password Protected Sharing – Only locally configured user accounts can access shared resources, including the Public folder, on the client over the network. If other users need access this option should be disabled
  • HomeGroup Connections – Allows Windows to manage connections as long as all computers use the same username and password. When multiple user accounts and passwords are in use you should choose the Home/Work option instead of HomeGroup

HomeGroups can only be created on private home networks and not on an AD DS domain as long as you have a Home Premium, Professional or Ultimate edition of Windows 7.

You can join an existing homegroup with a domain-joined computer or any version of Windows 7 as long as the network location is set to Home.  To set up a small office network you could create a HomeGroup for designing a network.

Small Office Network Setup

Domain-joined computers cannot share libraries or printers to the homegroup or small network and group policy can be used to prevent these computers from joining a homegroup.

Only users with administrative rights can create homegroups whereas any user can share the resources they choose.
Each user’s homegroup share is visible as long as the computer is turned on and connected to the network. To join a homegroup you will need to contact the owner to get the password to join.

How to Setup a Small Office Network Using Shared Folders

Shared Folders

If you cannot use homegroups you can share an individual folder by right clicking it and selecting the share tab on the folder’s properties.
Share button allows you to share with

  • Local users but NOT local groups
  • Everyone group
  • HomeGroup
  • Domain users and Groups if the client is part of AD domain

Advanced Sharing Button

Configure permissions and maximum number of connected users for local users and groups as well as domain users and groups

Advanced Permissions

small office network configuration advanced permissions

Simple Sharing

network setup for small office simple file sharing

When you setup a small office network you can view and manage all shared folders and the users connected to them in the shared folders node of Computer Management


small office network librariesA library is not a file but a virtual collection of folders in the sense that it contains a series of links pointing to the original folder.

A library is shared by default with other users of the computer. Each library by default contains a user-based subfolder and a public subfolder.

Setting up Small Office Network – Security Permissions and NTFS

The share folder permissions mentioned above are for users accessing files over the network.  If you want to secure files and folders both over the network and on a local level you will need to implement NTFS file permissions.

NTFS and shared file permissions can be combined but remember that share permissions only work over the network whereas NTFS permissions work on both the network an local level.

If you are not the owner of a folder on a local computer by default permission is denied unless you are an administrator.
Windows uses an Access Control List or ACL to store all the types of access that users or groups have been granted to a particular file or folder.

NTFS permissions can also be configured and managed by using the command line tool icalcs.

small office network setup - icalcs

Network Setup for Small Office – Effective Permissions

Anyone who creates a file or folder automatically becomes owner and has full control permissions. If the user is part of the administrators group, the administrators group becomes the owner. Administrators can also take ownership of any file or folder they choose.

NTFS permissions are inherited from parent to child meaning that they pass down their authority to any files or subfolders contained within the parent folder. This is also called propagation. You cam modify and view inheritance properties if needed.

Shared folder and NTFS permissions are cumulative and your effective permissions are a combination of the permissions configured for your user account and the security groups you are a member of.
The effective permission is the least restrictive of all permissions granted to you as a user or the groups you belong to unless an explicit denial is in place.

Effective Permissions Sharing and NTFS Combined

  • Least restrictive policy applies at the NTFS or shared folder level
  • Over the network the most restrictive policy applies
  • An explicit access denied overrides all other permissions. Once you are denied access to a folder you will have no more access to any files within that folder regardless of the permissions set on individual files.

Small Office Network Configuration – Moving and Copying File Permissions

Copying Files and Folders

  • Within the Same Partition – copy inherits NTFS permissions of destination folder
  • Copy to another Partition – same as above
  • Copies to a FAT or FAT32 partition – all permissions are lost

Moving Files and Folders

  • Within the Same Partition – retains original NTFS permissions regardless of destination folder permissions
  • Copy to another Partition – inherits permissions of destination folder
  • Copy to a FAT or FAT32 partition – all permissions are lost

Network Speed Test

Several free services exist online to check the speed of your network. Just do a search for “speed test” on Google and take your pick.

Comments are closed.