Care Required When Disabling SMB 2.0

Windows Vista / 2008 introduced SMB 2.0, the first major update to the SMB protocol in 6 years. Server Message Block is the protocol used for Windows file sharing, so it’s a very important basic component in a Windows network. SMB2 has a number of improvements over SMB1, but unfortunately buggy implementation and badly designed legacy applications mean that quite often you’ll have to disable use of SMB 2.0 to improve stability.

Although Microsoft didn’t originally intend for SMB 2.0 to be disabled at all, they were forced to publish their ‘approved’ method of doing so (due to the high volume of bugs and hotfixes): MS KB 2696547
Anyway, we decided to disable SMB 2.0 on a number of Windows 7 clients by manually running the script:

sc config lanmanworkstation depend= bowser/mrxsmb10/nsi
sc config mrxsmb20 start= disabled
@echo off
echo smb 2.0 disabled.  Please reboot now to apply these changes.

Due to a misunderstanding (ah-hem), this script ended up being run on several XP machines and a 2003 server. Come the next boot it turned out that these machines were no longer able to perform remote logons or access file shares. Checking the event logs and the services management snap-in showed that the netlogon service failed to start because it depends upon the lanmanworkstation service which failed to start because of this new dependency “depend= bowser/mrxsmb10/nsi”. The mrxsmb10 driver doesn’t exist on XP machines – it’s just mrxsmb.sys.

Once the cause of the problem had been identified the fix was a simple one-liner:

REG DELETE HKLM\SYSTEM\CurrentControlSet\Services\lanmanworkstation /v DependOnService

So there we have it: don’t try and disable SMB 2.0 on Windows XP clients!

No Comments Yet.

Leave a Comment