SharePoint Tidbit – Disabling SMB1 so that you can sleep better at night

This post has been republished via RSS; it originally appeared at: Premier Field Engineering articles.

First published on TECHNET on Dec 20, 2018
Hello All,

Recently I performed a RaaS with a customer and it provided a new recommendation that I thought would be great to pass along to you.

Disable SMB1 on your server.


This is an amazing suggestion as we have other versions of the protocol to do the work for you and due to the mess caused by the Wannacrypt ransomware it has become obvious that we should clean up these older protocols. And if you can’t remember SMB or Server Message Block is a network file sharing protocol meant for sharing files, printers, etc, between computers. There are three versions – Server Message Block (SMB) version 1 (SMBv1), SMB version 2 (SMBv2), and SMB version 3 (SMBv3).

Follow these steps to Disable the protocol on a per Server basis

For Windows 7, Windows 2008, and Windows 2008 R2 via PowerShell (This requires a reboot of the server)

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force

For Windows 8.1, and Windows 10 via PowerShell

Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol


For Windows 2012 R2, and Windows 2016 via PowerShell

Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol


For more info check this article

Pax

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.