UserLock Documentation
UserLock Documentation
You are here: Troubleshooting > HowToFix articles > HTF003 - File and Printer Sharing

HTF003 - Allow the File and Printer Sharing protocol

Error message

Failed to contact the computer [Machine Name] with the File and Printer Sharing protocol (SMB TCP 445).

This error can occur for Windows or macOS computers.
To resolve this problem, allow the File and Printer Sharing protocol (for Windows) or SSH (for macOS).

How to fix

For macOS, allow the SSH protocol

By default, SSH is disabled on macOS (for security reasons).
To activate it, open the "System Preferences", "Sharing" and activate "Remote Connection". You can restrict users who can connect via SSH.
To connect to the Mac, you can use Putty: manually fill in the username (as if you are logging in through the GUI), then the password (nothing is displayed for the password).

File and Printer Sharing network component

Check that the File and Printer Sharing network component is installed and enabled on the target machine.

  1. On the target machine, open the Network and Sharing Center by right-clicking on the network icon in the Windows task bar and then on 'Open Network and Sharing Center'.

  2. In the 'Network and Sharing Center', click on 'Change adapter settings'.

  3. Open your network adapter by double-clicking on it.

  4. Click on 'Properties'.

  5. Check that the component 'File and Printer Sharing for Microsoft Networks' is listed and enabled.

  6. If the component 'File and Printer Sharing for Microsoft Networks' is listed and enabled, then jump to the next possible cause.
  7. If the component 'File and Printer Sharing for Microsoft Networks' is listed but not enabled, then check its corresponding box and click on 'OK'.
  8. Try to deploy the agent on the target machine again.
  9. If the same error message is displayed, then jump to the next possible cause.
  10. If the component 'File and Printer Sharing for Microsoft Networks' is not listed, then you need to install it.
    Click on 'Install...'. Select 'Service' and click on 'Add...'.

    Select 'File and Printer Sharing for Microsoft Networks' and click 'OK'.

    It's now listed. Check its corresponding box and click on 'OK'.

  11. Try to deploy the agent on the target machine again. If the same error message is displayed, then jump to the next possible cause

'Server' service

Check that the 'Server' service is running on the target machine, even on a workstation.

  1. Open the Windows Services console on the target machine.
  2. Look for the service named 'Server'. This service must be enabled and running. We recommend you adjust its 'Startup Type' setting to 'Automatic'.

  3. If the 'Server' service is running on the target machine, then jump to the next possible cause.
  4. If the 'Server' service is not running on the target machine, then simply start it. We recommend you adjust its 'Startup Type' setting to 'Automatic'.
  5. Try to deploy the agent on the target machine again. If the same error message is displayed, then  jump to the next possible cause.
  6. If the 'Server' service is disabled on the target machine, then double-click on its corresponding line to edit its properties.
  7. Switch the 'Startup type' option to 'Automatic' and click on 'Apply'.

  8. Then click on 'Start' and click on 'OK' once the service has started.

  9. Try to deploy the agent on the target machine again. If the same error message is displayed, then  jump to the next possible cause.

Windows Firewall

Check that a firewall between the server and the workstation isn't blocking the 'File and Printer Sharing' protocol.
UserLock communications require the ICMP and the Microsoft File and Printer Sharing protocols. The firewall on the server hosting UserLock and on all machines protected by UserLock must authorize these two protocols.

  1. In the Windows Firewall, click on 'Allow an app or feature through Windows Firewall'.

  2. Enable 'File and Printer Sharing' for the domain by checking its corresponding box. Click on 'OK'. Both required protocols will be authorized.

    For more security, we suggest you enable these two protocols through a Microsoft Group Policy. This will also allow you to specify IP restriction on the UserLock server IP as only allowed source.

  3. Try to deploy the agent on the target machine again.

To apply requirements on UserLock Server and protected machines through Group Policies (recommended): see this page.