This is a simple Enabled/Disabled/Not Configured setting that controls the “SMB1” registry value in HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters. , to disable or enable server-side processing of the SMBv1 protocol.
Due to the limitations of the ADMX syntax, we ended up implementing it through three separate settings: We wanted these custom settings to work for all supported versions of Windows and to be reversible so that SMBv1 could be re-enabled if necessary.
Applying settings incorrectly can cause serious problems. That said, theĪre not a natural fit for GPO management, so you need to be careful while using it. We have added that recommendation to our baseline, and have exposed a way to do so through Group Policy editors for local or domain GPOs by adding to the custom “MS Security Guide” ADMX. There are many reasons to cease using it on your networks. Version 1 of the Server Message Block (SMB) protocol was developed in the early days of personal computer networking, and as Ned Pyle describes in his blog post, First published on TechNet on Jun 15, 2017
0 kommentar(er)
