SharePoint Tidbit - Disabling SMB1 so that you can sleep better at night

Published May 15 2019 03:31 PM 1,040 Views

First published on TECHNET on Dec 20, 2018
Hello All,

Recently I performed a RaaS with a customer and it provided a new recommendation that I thought would be great to pass along to you.

Disable SMB1 on your server.

This is an amazing suggestion as we have other versions of the protocol to do the work for you and due to the mess caused by the Wannacrypt ransomware it has become obvious that we should clean up these older protocols. And if you can’t remember SMB or Server Message Block is a network file sharing protocol meant for sharing files, printers, etc, between computers. There are three versions – Server Message Block (SMB) version 1 (SMBv1), SMB version 2 (SMBv2), and SMB version 3 (SMBv3).

Follow these steps to Disable the protocol on a per Server basis

For Windows 7, Windows 2008, and Windows 2008 R2 via PowerShell (This requires a reboot of the server)

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force

For Windows 8.1, and Windows 10 via PowerShell

Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

For Windows 2012 R2, and Windows 2016 via PowerShell

Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol

For more info check this article


Version history
Last update:
‎Apr 29 2020 10:18 AM
Updated by: