How to disable SMB v1 using Powershell

Hey guys,

long time no see!

As you may be aware, there has been some malware activities within last few days and your Windows environments could be affected as well. One of the recommendations is to disable SMB v1 protocol and here’s how to do it using Powershell.

First, get the configuration

>= Windows 2012 systems

Get-SmbServerConfiguration | select "*enablesmb*"

Windows 2008 systems (Vista, 7)

Get-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1

If it returns something like “Cannot find path” it has not been configured, therefore it is enabled.

 

You can see whether SMB v1 is enabled or not, if it is, run following command to disable it.

>= Windows 2012 systems

Set-SmbServerConfiguration -EnableSMB1Protocol $false

Windows 2008 systems (Vista, 7)

Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters” SMB1 -Value 0 –Force

 

Let me know whether it worked for you or not.

 

Have a good day!

Robot(ICT) guy

Published by

Lukas Vu

I started in IT with my own business since high school providing automated and centralized hosting solutions to end customers. Nowadays I'm focusing on corporate area, analyzing, managing and improving customer's IT environments. My main focus nowadays is automation and architectural improvements.

Leave a Reply

Your email address will not be published. Required fields are marked *