New
#41
Now I'm totally confused (again, what's new?). I powerted off overnight as usual and when I just checked SMB1 is still fully disabled:
but the registry key is now there:
I ran the .reg zap again and set AllowInsecureGuestAuth to 0x1.Code:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters EnablePlainTextPassword REG_DWORD 0x0 EnableSecuritySignature REG_DWORD 0x1 RequireSecuritySignature REG_DWORD 0x0 ServiceDll REG_EXPAND_SZ %SystemRoot%\System32\wkssvc.dll ServiceDllUnloadOnStop REG_DWORD 0x1 AllowInsecureGuestAuth REG_DWORD 0x0
None of my systems have the Lanman Worksation setting and are all working correctly. All Windows 10 Pro 1803 fully updated
All fileshares also have NTFS Security Settings for the files and folders set from Properties Security... set to share full control with the Administrators group and my actual Main user name
For comparison this is the Lanman Workstation Properties list on all systems
@Ztruker
Are you stil on 1709 or are you up to date with 1803?
The SMBv1 protocol in 1709 was set to disable the protocol, on a timer if it was re-enabled - I think it was a scheduled task, which may explain the state being off when you checked - the scheduled task is removed in 1803, as the Wannacry vulnerability is fully patched now
I solved the problem here........... I rolled back to 1709 and haven't looked back since........... As big as M$ is, there should not be any problems with local networking..... none at all. This is the biggest FUBAR I can remember. I won't go to another version until THEY admit and fix this atrocity of an OS.
SMBv1 has not been needed for some considerable time, for general networking between Windows systems It has been superseded twice and the revision is now SMBv3 which has itself been around for a few years, (Vista?). SMB or Small Block Messaging is a system that is used by UNIX and it's derivatives, (Linux, MAC OS, and Android), so Microsoft developed the Windows SMB protocol to allow communication with these devices.
Although most of the current "nix" operating systems are now compliant with the latest Microsoft Protocol SMBv3, (or SMBv2), there are a lot of devices that use a cut down "Embedded" OS and many of these are still relient on the use of SMBv1 for access so Windows 10 1709 and 1803 and likely all those going forwards, will not communicate on a network where SMBv1 is not active. These include a lot of modern AV Media devices From Large screen UHD "4K" TVs to the NAS storage systems that are so popular today . Things such as Android phones that use Wireless, and the Router Connected Storage appear to be mostly immune to this issue but not all.
The cause of "all" the changes to the Windows Networking system, (Not Homegroup which is withdrawn due to other issues), is the widespread, and expensive to business users, Wannacry outbreak Last year
The Vulnerability that was used to by wannacry was already mostly patched In Windows 10 on Release in 2015, (which was why it was mostly businesses still using unpatched XP and Windows 7 that suffered), but there was a small chance of of another route being used so the Protocol was disabled in 1709, and a scheduled task included to keep it disabled if it was enabled by the user, whilst MS Boffins worked through the issue. The full patch was in place when 1803 released so although the Protocol is still disabled by default it stays enabled if you set it so.
It is safe to use the new patched Version of Windows 10 with SMBv1 on Windows 10 if you have any devices that require it , I would be less confident using XP or Win7 with the protocol active but should be OK with care and a good Anti Ransomware system.
There has been some discussion as to the use of SMBv1 in the Basic "Browser Service" that has been used for many years to find and broadcast Networked device names and this could be true and the reason for the Use of the two "New services Now being Required, Function Discovery Provider Host & Function Discovery Resource Publication, which from the name would appear to do a similar, the Same, Job as the old Browser system. These are on delayed start so as not no get lost in the maelstrom of activity on a normal windows boot (and they probably are dependent on other services).
For those in a Mixed Windows only Network infrastructure, It should be fine to leave SMBv1 disabled
Whatever setup you decide on it must be a system wide setting on all devices not just one that has an issue if only to keep the error log clear of thousands of unimportant messages from the one system you left in a different network state to the others
Excellent information Nigel, many thanks.
Now if I (we?) only had a sure fire way to make sharing between windows computers on a local network do what it's supposed to do as it used to prior to Windows 10 I'd be happy. I have a mixed bag of Windows 10, 7, 8, Vista and XP computers at various times with two Win 10 computers being the ones that are always there. I never know from day to day what computer will see what computer. This is with and without SMBV1 enabled, with and without Password protected sharing enabled or disabled and a host of other attempts to fix this.
Many times it's simpler and quicker to dump stuff I need to a flash drive and move it between computers. Very frustrating. I don't understand why Microsoft can't, or won't, fix this. It's ubiquitous and completely reproducible and for me the #1 problem in Windows 10 today.