0

With the whole WannaCry issue our headquarters wants to disable SMBv1.

Our shop received a few servers that they are stating has SMBv1 on. I have scanned the servers with Get-WindowsFeature and Get-WMIObject win32_optionalfeature and only one server comes back with SMBv1 feature installed.

I did a Get-SmbServerConfiguration command and it states that EnableSMB1Protocol attribute is showing false.

My question, is there another way to find out if SMBv1 is installed/enabled that I'm missing, since they are stating multiple servers have it.

Yet, I am only pulling one server that has it installed, but the feature is disabled?

jcbermu
  • 17,822
user3451049
  • 13
  • 2

1 Answers1

1

As per Microsoft's advice page you can check the config via

This should be ran in powershell.

Get-SmbServerConfiguration | Select EnableSMB1Protocol, EnableSMB2Protocol

To disable SMBv1 on the SMB server, run the following cmdlet:

Set-SmbServerConfiguration -EnableSMB1Protocol $false

So yes, you can have SMBv1 installed, but not enabled, however, as you're never going to use it again it maybe worth removing when possible. Less options to monitor means less code to maintain.

djsmiley2kStaysInside
  • 6,943
  • 2
  • 36
  • 48