Windows 10 won't open network folders. How to open access to a computer over a network. Automatic connection to network folder from STB side
By default, SMB 1.0 support is still enabled in Windows 10 and Windows Server 2016. In most cases, it is only required to support legacy systems: Windows Server 2003 and older. In the event that there are no such clients left in your network, it is advisable to disable the SMB 1.x protocol in new versions of Windows, or completely remove the driver. Thus, you will protect yourself from a large number of vulnerabilities that are inherent in this outdated protocol (as evidenced once again), and all clients, when accessing SMB balls, will use new, more productive, secure versions of the SMB protocol.
In one of the previous articles we have provided client and server side. According to the table, older versions of clients (XP, Server 2003 and some outdated * nix clients) can only use the SMB 1.0 protocol to access file resources. If there are no such clients left on the network, you can completely disable SMB 1.0 on the file servers (including AD domain controllers) and client stations.
Auditing access to the file server via SMB v1.0
Before disabling and completely removing the SMB 1.0 driver on the side of the SMB file server, it is advisable to make sure that there are no outdated clients left on the network connecting to it via SMB v1.0. To do this, enable auditing of access to the file server using this protocol using the PowerShell command:
Set-SmbServerConfiguration –AuditSmb1Access $ true
After a while, study the events in applications and Services magazine -\u003e Microsoft -\u003e Windows -\u003e SMBServer -\u003e Audit for client access using the SMB1 protocol.
Advice... The list of events from this log can be displayed with the command:
Get-WinEvent -LogName Microsoft-Windows-SMBServer / Audit
In our example, the log recorded access from the client 192.168.1.10 via the SMB1 protocol. This is evidenced by events with EventID 3000 from the SMBServer source and description:
SMB1 access
Client Address: 192.168.1.10
Guidance:
This event indicates that a client attempted to access the server using SMB1. To stop auditing SMB1 access, use the Windows PowerShell cmdlet Set-SmbServerConfiguration.
In this case, we will ignore this information, but we must take into account the fact that in the future this client will not be able to connect to this SMB server.
Disabling SMB 1.0 on the server side
SMB 1.0 can be disabled on both the client and server side. On the server side, SMB 1.0 provides access to SMB network folders (file balls) over the network, and on the client side, it is needed to connect to such resources.
Use the following PowerShell command to check if SMB1 is enabled on the server side:
As you can see, the value of the variable EnableSMB1Protocol \u003d True.
So, let's disable support for this protocol:
Set-SmbServerConfiguration -EnableSMB1Protocol $ false -Force
And using the Get-SmbServerConfiguration cmdlet, make sure that the SMB1 protocol is now disabled.
To completely remove the driver that handles SMB v1 client access, run the following command:
Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -Remove
It remains to reboot the system and make sure that support for the SMB1 protocol is completely disabled.
Get-WindowsOptionalFeature –Online -FeatureName SMB1Protocol
Disabling SMB 1.0 on the client side
By disabling SMB 1.0 on the server side, we ensured that clients would not be able to connect to it using this protocol. However, they can use an outdated protocol to access third-party (including external) resources. To disable SMB v1 support on the client, run the commands:
sc.exe config lanmanworkstation depends \u003d bowser / mrxsmb20 / nsi
sc.exe config mrxsmb10 start \u003d disabled
So, by disabling support for the outdated SMB 1.0 on the client and server side, you will completely protect your network from all known and not yet found vulnerabilities in it. And vulnerabilities in Microsoft Server Message Block 1.0 are found quite regularly. The last significant vulnerability in SMBv1, which could allow an attacker to remotely execute arbitrary code, was patched in March 2017.
Recent large-scale virus attacks have spread using holes and flaws in the old SMB1 protocol. For one minor reason, the Windows operating system still allows it to work by default. This old version of the protocol is used for file sharing on a local network. Its newer versions 2 and 3 are more secure and should be left enabled. Since you are using a new operating system numbered 10 or the previous one - 8 or even the already outdated one - 7, you must disable this protocol on your PC.
It is included only because some users still use old applications that were not updated in time to work with SMB2 or SMB3. Microsoft has compiled a list of them. Find it and view it on the Internet, if necessary.
If you keep all of your programs installed on your computer in good condition (update on time), you most likely need to disable this protocol. This will increase the security of your operating system and confidential data by one step. By the way, even the specialists of the corporation itself recommend turning it off, if necessary.
Are you ready to make changes? Then let's continue.
SMB1
Open the Control Panel, go to the “Programs” section and select the subsection “Turn Windows features on / off”.
In the list, find the option “Support for SMB 1.0 / CIFS file sharing”, uncheck it and click “OK”.
Reboot the operating system, having previously saved all your previously edited files, such as documents, etc.
FOR WINDOWS 7
Editing the system registry will help you here. It is a powerful tool of the system and, if incorrect data is entered into it, it can lead to unstable operation of the OS. Use it with caution, be sure to back it up before doing so.
Open the editor by pressing the Win + R key combination on your keyboard and typing “regedit” in the input field. Then follow the next path:
HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControlSet \\ Services \\ LanmanServer \\ Parameters
create a new 32-bit DWORD and name it “SMB1” with the value “0”. Reboot your system.
Attention! These methods work to disable the protocol on one PC only, but not on the entire network. Refer to the official Microsoft documentation for the information you are interested in.
One of the ways STB can access files located on network computers is the SMB Sharing Protocol, which is a standard Microsoft Windows protocol and provides functions "Microsoft Windows Networks"and "Sharing Files and Printers".
Samba - free implementation of the SMB protocol for UNIX-like and other operating systems.
The use of SMB / Samba protocols allows access from STB (running under Linux OS) to folders and files located on network computers (running Linux, Windows, etc.). Thus, STB users get the opportunity to play media files (video, audio, images) on STB that are located on network computers running one of the types of OS that supports the SMB protocol.
Protocol SMB / Samba is an application protocol (in terms of the OSI network model). The transport protocol TCP / IP is used for data exchange.
The SMB / Samba protocol uses a client-server architecture: a PC acts as a server, which hosts certain network resources (folders) with media files, and an STB acts as a client, from which media files are played.
Network resources (in the form of shortcuts) are displayed in STB, in the menu, in accordance with the standard network LAN architecture of Windows OS: Network / Workgroup / Computer / Folder.
By default, access to computer resources is closed by settings on the computer side. When it is necessary to access a specific network folder, the computer useropens access to this folder. To control access to folders, use the procedureWindows OS " File Sharing".
There are two types of network folder access (the type of access is determined on the server side):
- by password - to access the network folder from the STB side, use the procedure Authorization (you must enter the name (login) of a specific computer user and his password (password);
- no password - access to the network folder is open for all users, without having to enter a password.
Discovery of shared network resources on the STB side occurs automatically (if it is not prohibited on the computer side or except for cases related to incorrect network operation). The connection to the network folder is established when the STB user opens a network folder. If using password access to the folder, the user is prompted to specify login and password.
It is also possible to manually connect network folders (if they were not detected automatically). Configuring and accessing network resources using the protocol SMB/ Samba on STB is carried out in the menu Home media .
Below is an example of how to connect a network folder of a Windows 10 PC to play media files from STB.
Parameters used in the example
Computer (file server):
- Operating system - Windows 10 64-bit;
- Computer name - My_ computer;
- Working group - WORKGROUP (default workgroup name in OSWindows»);
- IP-pC address: 192.168.1.186.
- The network resource to which access is opened (folder with media files) - folder Video_ E1.
- Username - Usr.
STB (client)
- IP-the addressSTB: 192.168.1.230
PC side connection setup
Checking availability of network connection between PC and STB
Before setting up the connection, make sure the network connection between the PC and STB is available - send ICMP Echo Requests (PING) from PC to STB.
Check enable SMB protocol
- Open Control Panel⇒ All elements of the control panel ⇒ Programs and Features.
- In the left pane, select Turn Windows features on and off.
- Make sure the option is enabled Supports SMB 1.0 / CIFS File Sharing.
Configuring Sharing Options for Different Windows Profiles
1. Open Control Panel⇒ All elements of the control panel ⇒ Network and Sharing Center .
2. In the left pane, select Change advanced sharing options .
2. Configure sharing options for the three profiles (" Private "," Guest or Public "and "All networks"):
Private
Guest or public
All networks
Sharing a folder on the PC side
1. Share the folder Video_E1: Properties ⇒
Access⇒ Sharing.
2. In the window that opens File Sharing select and add users to access the folder:
2.1 To organize access to the folder by password (the password of the PC user is used), select and add the necessary users (in the example, access for the current user is considered Usr). In this case, when you try to open the folder from the STB side, you will be asked for login (computer username) and password (computer user password).
Consider. You must use a specific user account password value. The absence of a password (empty password) will make it impossible to access the folder!
2.2 If you need to provide access to the folder to all network users, select the user in the list "All" (if there is no such item in the list, select and add).
The figure below shows an option for configuring the provision of passwordless access to a folder Video_E1 (for all network users).
Automatic connection to network folder from STB side
- In the Embedded portal go to Main window⇒ HomeMedia⇒ Network environment ( Network ) ⇒ WORKGROUP
2. In the folder WORKGROUP the network computers of the workgroup are displayed.
Open the shortcut of the required network computer - My_
Computer(In chapter My_
Computer folders of the network computer of the same name, for which access is open, are displayed).
3. To make sure that the automatic detection of the network resource has taken place and check the type of protocol, select the folder and use the "i" (INFO) button on the remote control:
4. Open folder Video_E1... Inside the folder, follow the path along which the media file to be played is located.
5. If password access is set for a folder, or for some reason STB cannot "mount" the folder (that is, access it - see the section), then when you try to open this folder, a window opens Network connection.
6. Run the media file.
Forced connection to a network folder by STB
For those cases when automatic connection is not established, manual configuration of access to a network folder is provided:- In the Embedded portal open Main window⇒ HomeMedia⇒ network environment
- Call window Operations (Operations) - button Menu on the remote control.
- Press Mount NFS / SMB ( Connect NFS / SMB) .
- In the window Network folder connection (Connect network folder) enter connection parameters:
- Server address (Server Address) - IP-address of the PC (file server) on which the required network folder is located;
- Server folder (Server folder) - the name of the folder (directory) on the PC for which the public access is set;
- Local folder (Local folder) - the name of the folder on the STB (by default, the same as the name of the folder on the server);
- Connection type (Connection type) – SMB.
- Login (Login) - access login - entered if password access is used for the folder. Input value with matches the PC username;
- Password (Password) - folder access password - entered if password access is used for the folder.
Note... If the folder uses passwordless access, the fields Login and Password must be empty!
Disconnecting a network folder, changing connection settings on STB
To force disconnect a specific network folder, use the command for that folder Disable NFS / SMB.
If you need to make changes to the connection settings of a specific folder (for example, when changing the settings for accessing a folder on the PC side), use the command for this folder Edit (eng. Edit share).
Mounting a folder
Establishing a connection to a specific folder, described in subsections and, is accompanied by automatic mounting of the folder on the STB. If a certain folder is "mounted" on STB, its shortcut appears on the top menu level Home media.
The user can also mount the required folder manually (this also leads to folder connection), for this purpose the command is used Mount share.
To "unmount" a folder in STB (this also leads to disconnection of the folder from STB) use the command Disable resource (English Unmount share).
2. If, when opening a network folder on STB, it is proposed to perform authorization, but password access was not assigned to the folder:
- On a networked computer, check that the folder properties are open for the user "All";
3. If, when opening a folder on STB, it is proposed to perform authorization (enter login, password), but the password value is not set (empty password):
- Set a specific value for a computer user password;
- If access has not resumed, restart STB.
4. If the file does not open:
- check if the file is played locally on the PC;
- try to run other files from STB from the same network folder, from other network folders;
- try to play a file of a different format (preferably, check the file that was previously played on STB, for example, from a USB-drive). Perhaps this file format is not supported by STB player.
annotation
This article describes procedures for enabling and disabling Server Message Block (SMB) version 1, SMB version 2 (SMBv2), and SMB version 3 (SMBv3) in SMB client and server components.
Warning. It is not recommended to disable SMB v2 or 3. Disable SMB v2 or 3 only as a temporary troubleshooting measure. Do not leave SMB version 2 or 3 disabled.
On Windows 7 and Windows Server 2008 R2, disabling SMB version 2 will disable the following functionality.
- Combining requests, allowing multiple SMB 2 requests to be sent as a single network request.
- High volumes of read and write operations to optimize use of fast networks.
- Caching the properties of files and folders where clients save local copies of files and folders.
- Long-term descriptors that allow you to transparently reconnect to the server in the event of a temporary disconnection.
- Enhanced message signatures where the HMAC SHA-256 hashing algorithm replaces MD5.
- Improved scaling for file sharing (significantly increased the number of users, shares and open files per server).
- Support for symbolic links.
- A client lease model that limits the amount of data transferred between the client and the server to improve the performance of high-latency networks and increase the scalability of the SMB server.
- Large MTU support for full use of 10 Gigabit Ethernet.
- Reduced power consumption - Clients with files open to the server can be in sleep mode.
- Transparent failover, where clients fail over to cluster nodes during maintenance or outage without disruption.
- Scaling - with the provision of concurrent access to shared data on all cluster nodes.
- Multichannel provides network link bandwidth aggregation and network resiliency across the various links available between the client and server.
- SMB Direct - Provides support for RDMA networks for very high performance, low latency, and low CPU utilization.
- Encryption - Provides end-to-end encryption of data and protects it from eavesdropping on untrusted networks.
- Directory leasing reduces application response times in branch offices through caching.
- Optimizes the performance of small data random read and write operations.
Additional Information
How to enable and disable SMB protocols on an SMB server
Windows 8 and Windows Server 2012
Windows 8 and Windows Server 2012 introduced the new Windows PowerShell cmdlet Set-SMBServerConfiguration. It allows you to enable or disable SMB versions 1, 2, and 3 on the server.Notes. When you enable or disable SMB version 2 in Windows 8 or Windows Server 2012, SMB version 3 is also enabled or disabled. This is due to the common stack used for these protocols.
After running the cmdlet
- To get the current state of the SMB server protocol configuration, run the following cmdlet:
Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol
Set-SmbServerConfiguration -EnableSMB1Protocol $ false
Set-SmbServerConfiguration -EnableSMB2Protocol $ false
Set-SmbServerConfiguration -EnableSMB1Protocol $ true
Set-SmbServerConfiguration -EnableSMB2Protocol $ true
Windows 7, Windows Server 2008 R2, Windows Vista, and Windows Server 2008
To enable or disable SMB protocols on a Windows 7, Windows Server 2008 R2, Windows Vista, or Windows Server 2008 SMB server, use Windows PowerShell or Registry Editor.Windows PowerShell 2.0 or later PowerShell
- To disable SMB version 1 on the SMB server, run the following cmdlet:
Set-ItemProperty -Path "HKLM: \\ SYSTEM \\ CurrentControlSet \\ Serv ices \\ LanmanServer \\ Parameters" SMB1 -Type DWORD -Value 0 -Force
- To disable SMB versions 2 and 3 on the SMB server, run the following cmdlet:
Set-ItemProperty -Path "HKLM: \\ SYSTEM \\ CurrentControlSet \\ Serv ices \\ LanmanServer \\ Parameters" SMB2 -Type DWORD -Value 0 -Force
- To enable SMB version 1 protocol on the SMB server, run the following cmdlet:
Set-ItemProperty -Path "HKLM: \\ SYSTEM \\ CurrentControlSet \\ Serv ices \\ LanmanServer \\ Parameters" SMB1 -Type DWORD -Value 1 -Force
- To enable SMB versions 2 and 3 on the SMB server, run the following cmdlet:
Set-ItemProperty -Path "HKLM: \\ SYSTEM \\ CurrentControlSet \\ Serv ices \\ LanmanServer \\ Parameters" SMB2 -Type DWORD -Value 1 -Force
Registry editor
Attention ! This article contains information about modifying the registry. It is recommended that you back up the registry before making any changes. and learn how to recover it in case a problem occurs. For more information about backing up, restoring, and modifying the registry, see the following article in the Microsoft Knowledge Base.To enable or disable SMB version 1 protocol on the SMB server, configure the following registry key:Registry subkey: Registry entry: SMB1
REG_DWORD: 0 \u003d disabled
REG_DWORD: 1 \u003d enabled
Default: 1 \u003d Enabled
Registry subkey: HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControl Set \\ Services \\ LanmanServer \\ ParametersRegistry entry: SMB2
REG_DWORD: 0 \u003d disabled
REG_DWORD: 1 \u003d enabled
Default: 1 \u003d Enabled
sc.exe config lanmanworkstation depends \u003d bowser / mrxsmb20 / nsi
sc.exe config mrxsmb10 start \u003d disabled
- To enable SMB version 1 protocol on an SMB client, run the following commands:
sc.exe config mrxsmb10 start \u003d auto
- To disable SMB versions 2 and 3 on an SMB client, run the following commands:
sc.exe config lanmanworkstation depends \u003d bowser / mrxsmb10 / nsi
sc.exe config mrxsmb20 start \u003d disabled
- To enable SMB versions 2 and 3 on an SMB client, run the following commands:
sc.exe config lanmanworkstation depends \u003d bowser / mrxsmb10 / mrxsmb20 / nsi
sc.exe config mrxsmb20 start \u003d auto
- These commands must be entered at an elevated command prompt.
- After making these changes, the computer must be restarted.
In connection with the recent outbreak of the WannaCry ransomware exploiting the SMB v1 vulnerability, there are again tips on the network to disable this protocol. Moreover, Microsoft strongly recommended disabling the first version of SMB back in September 2016. But such a shutdown can lead to unexpected consequences, up to curiosities: I personally came across a company where, after the fight against SMB, Sonos wireless speakers stopped playing.
Especially in order to minimize the likelihood of a "shot in the leg", I want to remind you of the peculiarities of SMB and consider in detail what threatens the ill-conceived disabling of its older versions.
SMB (Server Message Block) is a network protocol for remote access to files and printers. It is he who is used when connecting resources via \\ servername \\ sharename. The protocol initially worked on top of NetBIOS using UDP ports 137, 138 and TCP 137, 139. With the release of Windows 2000, it began to work directly using TCP port 445. SMB is also used to log into and work in an Active Directory domain.
In addition to remote access to resources, the protocol is also used for interprocessor communication through "named streams" - named pipes. The process is addressed along the path \\. \\ Pipe \\ name.
The first version of the protocol, also known as CIFS (Common Internet File System), was created back in the 1980s, but the second version appeared only with Windows Vista, in 2006. The third version of the protocol came out with Windows 8. In parallel with Microsoft, the protocol was created and was updated in its open source Samba implementation.
Each new version of the protocol added various improvements aimed at increasing performance, security and support for new functions. But at the same time, support for old protocols remained for compatibility. Of course, older versions had and still have enough vulnerabilities, one of which is used by WannaCry.
Under the spoiler, you will find a summary table of changes in SMB versions.
Version | operating system | Added compared to the previous version |
SMB 2.0 | Windows Vista / 2008 | Changed the number of protocol commands from 100+ to 19 |
Possibility of "pipeline" work - sending additional requests before receiving a response to the previous | ||
Support for symbolic links | ||
HMAC SHA256 message signature instead of MD5 | ||
Increase cache and write / read blocks | ||
SMB 2.1 | Windows 7 / 2008R2 | Performance improvement |
Higher MTU support | ||
BranchCache support - a mechanism that caches WAN requests on a local area network | ||
SMB 3.0 | Windows 8/2012 | Ability to build a transparent failover cluster with load balancing |
Direct Memory Access (RDMA) support | ||
Powershell cmdlet management | ||
VSS support | ||
AES – CMAC signature | ||
AES-CCM encryption | ||
Ability to use network folders to store HyperV virtual machines | ||
Ability to use network folders to store Microsoft SQL databases | ||
SMB 3.02 | Windows 8.1 / 2012R2 | Security and performance improvements |
Automatic balancing in the cluster | ||
SMB 3.1.1 | Windows 10/2016 | AES-GCM encryption support |
Integrity check before authentication using SHA512 hash | ||
Mandatory secure "negotiations" when working with clients SMB 2.x and higher |
We consider conditionally injured
It is quite easy to view the currently used version of the protocol, we use the cmdlet for this Get – SmbConnection:
Cmdlet output with open network resources on servers with different versions of Windows.
It can be seen from the output that a client that supports all protocol versions uses the highest possible version supported by the server to connect. Of course, if the client only supports the old version of the protocol, and it is disabled on the server, the connection will not be established. You can enable or disable legacy support on modern Windows systems using the cmdlet Set – SmbServerConfiguration, and see the state like this:
Get – SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol
Turn off SMBv1 on a server running Windows 2012 R2.
Result when connecting from Windows 2003.
Thus, if you disable the old, vulnerable protocol, you can lose the functionality of the network with old clients. At the same time, in addition to Windows XP and 2003, SMB v1 is also used in a number of software and hardware solutions (for example, NAS on GNU \\ Linux, using an old version of samba).
Under the spoiler, I will give a list of manufacturers and products that will completely or partially stop working when SMB v1 is disabled.
Manufacturer | Product | Comment |
Barracuda | SSL VPN | |
Web Security Gateway backups | ||
Canon | Scan to network share | |
Cisco | WSA / WSAv | |
WAAS | Versions 5.0 and older | |
F5 | RDP client gateway | |
Microsoft Exchange Proxy | ||
Forcepoint (Raytheon) | "Some products" | |
HPE | ArcSight Legacy Unified Connector | Older versions |
IBM | NetServer | Version V7R2 and older |
QRadar Vulnerability Manager | Versions 7.2.x and older | |
Lexmark | Firmware eSF 2.x and eSF 3.x | |
Linux Kernel | CIFS client | From 2.5.42 to 3.5.x |
McAfee | Web gateway | |
Microsoft | Windows | XP / 2003 and older |
MYOB | Accountants | |
NetApp | ONTAP | Versions prior to 9.1 |
NetGear | ReadyNAS | |
Oracle | Solaris | 11.3 and older |
Pulse Secure | PCS | 8.1R9 / 8.2R4 and older |
PPS | 5.1R9 / 5.3R4 and older | |
QNAP | All storage devices | Firmware older than 4.1 |
RedHat | RHEL | Versions prior to 7.2 |
Ricoh | MFP, scan to network resource | Besides a number of models |
RSA | Authentication Manager Server | |
Samba | Samba | Older than 3.5 |
Sonos | Wireless speakers | |
Sophos | Sophos UTM | |
Sophos XG firewall | ||
Sophos Web Appliance | ||
SUSE | SLES | 11 and older |
Synology | Diskstation Manager | Control only |
Thomson reuters | CS Professional Suite | |
Tintri | Tintri OS, Tintri Global Center | |
VMware | Vcenter | |
ESXi | Older than 6.0 | |
Worldox | GX3 DMS | |
Xerox | MFP, scan to network resource | Firmware without ConnectKey Firmware |
The list is taken from the Microsoft website, where it is regularly updated.
The list of products using the old version of the protocol is quite large - before disabling SMB v1, you must definitely think about the consequences.
Disable
If there are no programs and devices using SMB v1 on the network, then, of course, it is better to disable the old protocol. Moreover, if the shutdown on the Windows 8/2012 SMB server is performed using the Powershell cmdlet, then for Windows 7/2008 you will need to edit the registry. This can be done using Powershell too:
Set – ItemProperty –Path "HKLM: \\ SYSTEM \\ CurrentControlSet \\ Services \\ LanmanServer \\ Parameters" SMB1 –Type DWORD –Value 0 –Force
Or in any other convenient way. However, a reboot is required to apply the changes.
To disable SMB v1 support on a client, just stop the service responsible for its operation and fix the dependencies of the lanmanworkstation service. This can be done with the following commands:
sc.exe config lanmanworkstation depends \u003d bowser / mrxsmb20 / nsi sc.exe config mrxsmb10 start \u003d disabled
For the convenience of disabling the protocol across the entire network, it is convenient to use group policies, in particular Group Policy Preferences. With the help of them, you can conveniently work with the registry.
Creating a registry entry through group policies.
To disable the protocol on the server, just create the following parameter:
- value: 0.
path: HKLM: \\ SYSTEM \\ CurrentControlSet \\ Services \\ LanmanServer \\ Parameters;
new parameter: REG_DWORD with the name SMB1;
Create a registry key to disable SMB v1 on the server through Group Policy.
To disable SMB v1 support on clients, you need to change the value of two parameters.
First, disable the SMB v1 protocol service:
- value: 4.
path: HKLM: \\ SYSTEM \\ CurrentControlSet \\ services \\ mrxsmb10;
parameter: REG_DWORD named Start;
We update one of the parameters.
Then we will fix the dependency of the LanmanWorkstation service so that it does not depend on SMB v1:
- value: three lines - Bowser, MRxSmb20 and NSI.
path: HKLM: \\ SYSTEM \\ CurrentControlSet \\ Services \\ LanmanWorkstation;
parameter: REG_MULTI_SZ named DependOnService;
And replace with another.
After applying Group Policy, you must restart your organization's computers. After reboot, SMB v1 will no longer be used.
Works - don't touch
Oddly enough, this old commandment is not always useful - ransomware and Trojans can be found in infrastructure that is rarely updated. However, inaccurate shutting down and updating services can paralyze an organization just like a virus.
Tell us, have you already disabled SMB of the first version? Were there many victims?