Enabling network sharing with smbv1 disabled and smbv2 enabled


  1. lqlaow
    Posts : 34
    windows 10
       New #1

    Enabling network sharing with smb1 disabled and smb2 enabled


    We all know about how people at microsoft make smbv1 mandatory to share folder across a local network, which exposes us to ransomwares. people at Microsoft have no concerns for security, despite being in IT business for the last 30 years....
    in windows 10 , like 1809, the trick is to enable smbv2 and disable smbv1, but like they say here it prevents some background process to start SMB1 disabled, SMB2 enabled; Can no longer access network shares

    Fortunately i found a blog on how to get file sharing securely

    first put back the windows firewall to default settings, to be sure

    just to be sure, get those two new services enabled

    get-Service fdPHost,FDResPub|Set-Service -startuptype automatic -passthru|Start-Service

    then follow all those lines Mapped network printers unavailable due to SMB1 being obsolete – Xenit Technical

    Enable SMB v2 Client
    sc.exe config lanmanworkstation depend= bowser/mrxsmb10/mrxsmb20/nsi
    sc.exe config mrxsmb20 start= auto

    Enable SMB v2 Server
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB2 -Type DWORD -Value 1 –Force
    Restart
    Disable SMB v1 Client
    sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
    sc.exe config mrxsmb10 start= disabled

    Disable SMB v1 Server
    Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force
    Restart

    Detect SMB v2 Client status
    sc.exe qc lanmanworkstation

    Detect SMB v2 Server status
    Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters | ForEach-Object {Get-ItemProperty $_.pspath}




    You can also check you have smbv1 disabled with

    Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol

    THe official command lines by microsoft are those

    Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol
    Get-WindowsOptionalFeature –Online –FeatureName SMB1Protocol
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
    Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
    Get-SmbServerConfiguration | Select EnableSMB2Protocol
    Set-SmbServerConfiguration –EnableSMB2Protocol $false
    Set-SmbServerConfiguration –EnableSMB2Protocol $true
    Last edited by lqlaow; 19 Jun 2020 at 00:21.
      My Computer
    Quote Quote

 

  Related Discussions
I have a couple Drobo 5N's attached to a switch and then to my network. I can't see them in Network but I can see them in Drobo Dashboard. I know you can enable SMBv1 in Windows 10. It's only when it's enabled in Windows 10 is when I can see...
Hello everyone!! I want to disable the Intel UHD 620 graphics on my laptop. But as soon as I do so, the sleep option gets disabled from the system. There is a long painful story behind why I don't want to re-enable the graphics card. ...
Hello! If I disable websearch in the taskbar by setting the key Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search\ConnectedSearchUseWeb to 0 and/or I disable Cortana completely either by setting the key...
Hey All, After the recent Wanncry attacks I disabled SMB1 protocol as per the cautionary suggestions from Msft et al. Now I can no longer access my network shares via File Explorer. I am still able to access the network device using IP address...
Hey guys, So a few months ago I was trying to run an android vm using GenyMotion. The app I wanted to use, however, required it to be running with hardware assisted virtualization, which I enabled in the BIOS. I downloaded the microsoft HAV and...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 16:27.
Find Us




Windows 10 Forums