Unable to disable SMB negotiation in Windows 10.
Learn why you cannot disable SMB negotiation in Windows 10.
February 7, 2016
Q. I'm trying to disable SMB secure negotiation in Windows 10 but its not working, why?
A. SMB Secure Negotiation enables the SMB client and server verify the integrity of the negotiation request and response messages, protecting against man-in-the-middle attacks trying to downgrade the dialect negotiation and therefore the security. While this is a good thing there were some third-party SMB implementations that did not properly handle the secure negotiation and so Microsoft added a key to disable the negotiation. In Windows 10 the ability to remove the secure negotiation has been removed as the key vendors now correctly handle the negotiation and not using the secure negotiation exposes customers to attack. This applies to both SMB 2 and 3 in Windows 10/Windows Server 2016. This is documented at http://blogs.technet.com/b/josebda/archive/2015/05/05/what-s-new-in-smb-3-1-1-in-the-windows-server-technical-preview-2.aspx.
About the Author
You May Also Like