Since WannaCry and Petya ransomware were spreading through Windows systems in 2017, it’s recommended to have Server Message Block (SMB) version 1 disabled in Windows clients and Windows Server. Now SMBv1 is not installed by default in Windows 10 1709 and Windows Server, version 1709 and later, but how can you be sure it is disabled in older versions of Windows? Easy: PowerShell.

Sometimes you want the reassurance you did something right in the past. Suppose you want to want to test if Windows versions older than Windows 10 and Windows Server 2016 have SMBv1 disabled, then you use PowerShell to verify the following registry value is not present or is set to 0:


In PowerShell, you can get all your computers and servers in your Active Directory Domain using Get-ADComputer, and you can query that list with Invoke-Command to verify SMBv1 is disabled.

For example:

Get-ADComputer -Filter {(enabled -eq $True) -and (OperatingSystem -Like "Windows Server*")} | % {
	invoke-command -ComputerName $_.DNSHostName -scriptblock {
		If ( (Get-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters").SMB1 -eq 1 ) {
			Write-Output "SMBv1 is enabled on ${env:computername}"

This is one of those ways to increase Windows Server security in your environment.

Want to say thanks?

If I’ve helped you out and you want to thank me, why not buy me a coffee?

If I’ve helped you out and you want to thank me, why not buy me a coffee?

Thank you for your support. ♥

Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link:

Leave a Reply

Your email address will not be published. Required fields are marked *

18 queries, 0.118 seconds running PHP version 7.3.2