从Windows Server 2016 1709(和Windows 10 Fall Creators)开始,默认情况下禁用SMBv1组件(客户端和服务器)(也禁用来自SMBv2的访客访问)。要使用过时版本的协议访问旧系统,必须单独安装。您需要安装SMB 1.0 / CIFS文件共享支持功能并使用以下命令启用SMB 1.0:
Add-WindowsFeature FS-SMB1
Set-SmbServerConfiguration -EnableSMB1Protocol $true
禁用
Set-SmbServerConfiguration -EnableSMB1Protocol $false
How to detect, enable and disable SMBv1, SMBv2, and SMBv3 in Windows
Summary
This article describes how to enable and disable Server Message Block (SMB) version 1 (SMBv1), SMB version 2 (SMBv2), and SMB version 3 (SMBv3) on the SMB client and server components.
Important
We recommend that you do not disable SMBv2 or SMBv3. Disable SMBv2 or SMBv3 only as a temporary troubleshooting measure. Do not leave SMBv2 or SMBv3 disabled.
In Windows 7 and Windows Server 2008 R2, disabling SMBv2 deactivates the following functionality:
- Request compounding - allows for sending multiple SMB 2 requests as a single network request
- Larger reads and writes - better use of faster networks
- Caching of folder and file properties - clients keep local copies of folders and files
- Durable handles - allow for connection to transparently reconnect to the server if there is a temporary disconnection
- Improved message signing - HMAC SHA-256 replaces MD5 as hashing algorithm
- Improved scalability for file sharing - number of users, shares, and open files per server greatly increased
- Support for symbolic links
- Client oplock leasing model - limits the data transferred between the client and server, improving performance on high-latency networks and increasing SMB server scalability
- Large MTU support - for full use of 10-gigabye (GB) Ethernet
- Improved energy efficiency - clients that have open files to a server can sleep
In Windows 8, Windows 8.1, Windows 10, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, and Windows Server 2019, disabling SMBv3 deactivates the following functionality (and also the SMBv2 functionality that's described in the previous list):
- Transparent Failover - clients reconnect without interruption to cluster nodes during maintenance or failover
- Scale Out – concurrent access to shared data on all file cluster nodes
- Multichannel - aggregation of network bandwidth and fault tolerance if multiple paths are available between client and server
- SMB Direct – adds RDMA networking support for very high performance, with low latency and low CPU utilization
- Encryption – Provides end-to-end encryption and protects from eavesdropping on untrustworthy networks
- Directory Leasing - Improves application response times in branch offices through caching
- Performance Optimizations - optimizations for small random read/write I/O
More Information
The SMBv2 protocol was introduced in Windows Vista and Windows Server 2008.
The SMBv3 protocol was introduced in Windows 8 and Windows Server 2012.
For more information about the capabilities of SMBv2 and SMBv3 capabilities, see the following articles:
How to gracefully remove SMB v1 in Windows 8.1, Windows 10, Windows 2012 R2, Windows Server 2016, and Windows Server 2019
PowerShell methods
SMB v1 (client and server)
Detect:
PowerShellGet-WindowsOptionalFeature -Online -FeatureName smb1protocol
Disable:
PowerShellDisable-WindowsOptionalFeature -Online -FeatureName smb1protocol
Enable:
PowerShellEnable-WindowsOptionalFeature -Online -FeatureName smb1protocol
没有评论:
发表评论