Sysadmins of the North
Share now!





How to verify SMBv1 is disabled in Windows and Windows Server

Since WannaCry and Petya ransomware were spreading through Windows systems in 2017, it’s recommended to have Server Message Block version 1 (SMBv1) disabled in Windows clients and Windows Server. Now SMBv1 is not installed by default in Windows 10 1709 and Windows Server, version 1709 and later, but how can you be sure it is disabled in older Windows versions? Easy, use PowerShell.

Sometimes you want the reassurance you did something right in the past. Suppose you want to want to test if Windows versions older than Windows 10 and Windows Server 2016 have SMBv1 disabled, then you use PowerShell to verify the following registry value is not present or set to 0:

HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\SMB1

In PowerShell, you can get all your computers and servers in your Active Directory Domain using Get-ADComputer, and you can query that list with Invoke-Command to verify SMBv1 is disabled.

For example:

Get-ADComputer -Filter {(enabled -eq $True) -and (OperatingSystem -Like "Windows Server*")} | % {
	invoke-command -ComputerName $_.DNSHostName -scriptblock {
		If ( (Get-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters").SMB1 -eq 1 ) {
			Write-Output "SMBv1 is enabled on ${env:computername}"
		}
	}
}

This is one of those ways to increase Windows Server security in your environment. You may find more information in Microsoft’s Support article “How to detect, enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server“.

This may interest you:   Deny vulnerable WordPress plugins using Windows Server File Server Resource Manager's File Screens

buy me a coffee
Buy Me A Coffee

About the Author Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.

follow me on:


Thank you!

Leave a Comment:

Skip to content