- To check the SMB connection, Get-SmbConnection powershell can be used to retrieves the connections established from the SMB client to the SMB servers.
Example: Get connections from an SMB client to SMB servers
2. To Detect SMB version, ther are many methods to do so.
Example 1: To detect SMBv1 in Windows, run this Get-SmbServerConfiguration :
Get-WindowsOptionalFeature -Online -FeatureName smb1protocol
To detect SMBv2 and v3 in Windows, run this powershell:
Get-SmbServerConfiguration | Select EnableSMB2Protocol
Example 2: Detect SMBv1 on SMB Server using Get-Item powershell
Get-Item HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters | ForEach-Object {Get-ItemProperty $_.pspath}
2. Enable or disable SMBv1
a. Use Set-SmbServerConfiguration -EnableSMB1Protocol $true or false powershell command for enanling/disabling SMBv1.
Run SeT-SmbServerConfiguration to enable/disable SMBv2/3. Note: When you enable or disable SMBv2 in Windows 8 or Windows Server 2012, SMBv3 is also enabled or disabled. This behavior occurs because these protocols share the same stack.
Set-SmbServerConfiguration -EnableSMB2Protocol $true
or
Set-SmbServerConfiguration -EnableSMB2Protocol $false
b. Run Enable-WindowsOptionalFeature command for enabling/disabling SMBv1:
Enable-WindowsOptionalFeature -Online -FeatureName smb1protocol
or
Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol for enabling/disabling SMBv1
c. Use Registry Editor
To enable or disable SMBv1 on the SMB server, configure the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB1
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled (No registry key is created)
To enable or disable SMBv2 on the SMB server, configure the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Registry entry: SMB2
REG_DWORD: 0 = Disabled
REG_DWORD: 1 = Enabled
Default: 1 = Enabled (No registry key is created)
