none
SMBv1 for Legacy Applications

    Question

  • Hello All,

    I'm writing to ask for some questions regarding SMBv1 support (Windows 10) for "legacy" applications.

    Environment Description

    An application, installed on Windows 10 build 1803 (acting as client), access to its databases through a mapped drive (network share hosted by another Windows 10 - same build - acting as server). it isn't a legacy application but requires SMBv1. Once launched, it discovers SMBv2 is in use, and asks for applying changes to Windows in order to force SMBv1. 

    If I proceed, it makes some changes, but then, Workstation and Netlogon services don't start (error 1705) and I cannot access to any network share.

    After an investigation, I noticed it enabled the SMBv1 and changed one value inside DependOnService registry under HKLM\SYSTEM\CurrentControlSet\Services\LanmanWorkstation from

    Bowser
    MRxSmb20
    NSI

    to

    bowser
    mrxsmb10
    nsi

    If I restore previous configuration, manually, both services work again.

    These are my questions:

    1. Is the above change supported on Windows 10 ? Section "How to detect status, enable, and disable SMB protocols on the SMB Client" from MS article How to detect, enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server lists the same change made by my application, but it doesn't apply to Windows 10.

    2. To force SMBv1 usage, shouldn't I enable SMBv1 Client on Windows 10, where the application is installed (already done), and disable SMBv2 Server on Windows 10 where databases reside ?

    3. MS article SMBv1 is not installed by default in Windows 10 Fall Creators Update and Windows Server, version 1709 and later versions suggests to set Leasing mode "to allow a legacy application to work with SMBv2 or a later version". This means it wouldn't be necessary to enable SMBv1 and I can use SMBv2 for legacy applications. Did I understand well ?

    Thank you,
    Luca


    Disclaimer: This posting is provided AS IS with no warranties or guarantees, and confers no rights. Whenever you see a helpful reply, click on [Vote As Help] and click on [Mark As Answer] if a post answers your question.

    • Edited by Luca Fabbri Friday, December 28, 2018 11:17 PM
    Friday, December 28, 2018 11:13 PM

Answers

All replies

  •   Microsoft does not support SMBv1 at all because of its security problems. If you need to enable either option, Client or Server, you are not supported. The Client option is the workstation service and the Server option is the server service. It looks like you application requires SMBv1 and is not going to work without it. In your case it would probably work with just the server service on the "server" PC and the workstation service on the clients, but you would still not be supported.

      I have seen that message about Leasing Mode but I have not tried it and do not know if it works. Even if it worked for the clients, your "server" PC would need at least the server service, so you are still not supported.

     

     

    Bill

    Saturday, December 29, 2018 12:09 AM
  • Hello guys,

    just a feedback about this post.

    I contacted the company who developed the application: they sent a detailed document on how SMB should be configured for their software; at the end I setup SMBv1 is not installed by default in Windows 10 Fall Creators Update and Windows Server, version 1709 and later versions.

    Regards,
    Luca


    Disclaimer: This posting is provided AS IS with no warranties or guarantees, and confers no rights. Whenever you see a helpful reply, click on [Vote As Help] and click on [Mark As Answer] if a post answers your question.

    • Marked as answer by Luca Fabbri Saturday, January 12, 2019 11:14 AM
    Saturday, January 12, 2019 11:13 AM