HowTo Setup Windows 7 for Network Sharing with Samba and openSUSE

Setup Windows 7 to Share Resources on an openSUSE Samba Network

Versions: openSUSE 11.x and all other contemporary Linux distros.

Caution: Various Internet HowTo articles advise changing the default Windows 7 and Samba security policies. Those articles are wrong. There is no need to adjust the default settings relating to NTLMv2 in Linux or Windows 7.

Introduction: openSUSE 11.x and Windows 7 talk to each other just fine. Some folks are having trouble with the Windows 7 settings so I'll run through some settings that will enable old-style free sharing. Once you can do that it's easy to tighten up the security in Windows 7 to require authentication from the openSUSE users.

These settings are for all Linux machines, not just openSUSE. These settings are almost the same for Windows Vista. I have repeated the tutorial for Windows Vista on this site: Setup Vista on an openSUSE Samba Network.

Set up Linux: Settings are the same for all Linux Distros (including openSUSE). Set your Linux machine to use Broadcast Name Resolution e.g. see this tutorial for typical settings: openSUSE/Windows LAN Primer.

Network Names in Windows 7: Here's how to set the names for your Workgroup and your Win 7 computer on your LAN. These names attach to Icons in your Network Browsers. Go to Start --> Control Panel and set to View by: Small icons. Find and select System --> Advanced System Settings. Activate the Tab Computer Name and examine the names Full Computer Name and Workgroup. You select a unique network name for the Win 7 machine but make sure the Workgroup name is the same for all computers on the LAN. Click the Change button to alter the names if necessary. Restart the Win 7 computer to make the changes effective.

Initialise Windows 7 Network: Go to start --> Control Panel --> Network & Sharing Centre. The screenshot below appears.

The Network icon under View your active networks should be labelled either Work network or Home network. If it's labelled Public network, then click the Public network hyperlink and a screen will open where you can select for a private network (either home or work, whichever you prefer).

Now click to Change advanced sharing settings. You must switch Network Discovery and File Sharing to On. Set File sharing connections to use 128-bit encryption. Set HomeGroup connections to be managed by Windows. The choices for Public folders and Media streaming are up to you. You can read about them and decide by clicking the blue hyperlinks. To imitate the style for XP and Windows 2000 you would have Password protected sharing set to Off.

Creating a Shared Folder: Recall that we have set for open sharing similar to Windows 2000/XP. The following description is based on that. Create a folder anywhere convenient and Right click --> Properties. This will open a dialog shown in the Screenshot #1 below.

You should see in Screenshot #1 (in the Password Protection panel at the bottom) a statement that a username and password aren't necessary for access to folders shared with "Everyone". If you don't see that, then re-do the settings under the Change advanced sharing settings link in the Network and Sharing Centre.

Next click the Advanced Sharing button and the panel in Screenshot #2 will open.

When the panel of Screenshot #2 opens, tick/enable the option to Share this folder. The share name (e.g. win7share) is preset as the name of the folder you are sharing.

Next you have to set network access to the share: click the button for Permissions and the panel of Screenshot #3 will open.

The group Everyone should be in the frame for Group or usernames (if not then click to Add the group). In the lower panel, adjust the permissions to allow Full Control (including Change and Read). Click whatever Apply and OK buttons to make it stick and you'll have a network share that is visible from Linux.

That's only part of the story. So far you've enabled the share to be seen on the LAN. To enable access to the share, you must also adjust the non-network access permissions. Return to the folder and Right click --> Properties --> Security Tab. You must match the Security permissions to your network permissions set in the previous paragraph, for example Full control to Everyone. Look in Group or usernames panel under the Security Tab. If Everyone is not present, add it by clicking the Edit button then the Add button. Then highlight Everyone and click/enable Full control.

The shared folder I've described here gives full access to everyone on the LAN. Many would regard that as too broad, unwise. You can tighten the security easily by reducing the access from Everyone to specific people, by requiring password access or by reducing the access rights below Full control. The main thing is to remember to match the access permissions for the folder according to the Security Tab to the access permissions according to the Sharing Tab.

Note on Windows Firewall: You opened the Windows firewall for Samba communications in the earlier segment titled Initialise Windows 7 Network. You don't need to do anything further. But if you've fiddled with the firewall settings or just feel the need to check, then go to Control Panel --> Windows Firewall and click to Allow a program or feature through Windows firewall. Make sure that Core Networking, File and Printer Sharing and Network Discovery are all enabled.

There it is, hope it helps.
Swerdna: 20 May 2010

This tutorial is based on a draft for Windows 7 shares by venzkep.

How you can help

Samba: Browsing Shares

On-the-fly File Shares

About Usershares

CIFS: Mapped Drives
& Mounted Shares

Samba and Vista
Samba & Windows 7