SMB Network share issue

czql5v 221 Reputation points
2024-04-08T11:11:12.7666667+00:00

Hi All,

We have encountered a problem what appears to be network issues where share connections from our windows 10 & 11 clients which reside on a particular subnet (24).

Some history about the problem - I am unable to map a drive e.g. \Testmachine\c$ to any devices in the following subnet .24 I am able to connect to subnets outside - the difference between these two sets of networks are the broken set .24 use a different firewall, when we attempt to map the drive we get this error message: You cant connect to the file share because it's not secure. This share requires the obsolete SMB1 protocol, which is unsafe and could expose your system to attack. Your system requires SMB2 or higher. For more info on resolving this issue, see: http://gp.microsoft.com/fwlink/?linkid=852747 this also prevents WMI connectivity to these devices to some extent and prevents MCM client push as access to the admin$ share cannot be made.

This particular problem is affecting quite a significant number of client machines (100 plus).

Troubleshooting I have attempted.

Ping from .24 to all subnets is successful.

Test-netconnection -computer from a powershell command is successful for all the devices on all subnets.

I have moved a .24 device out of an OU which has specific GPO firewall rules associated with it to an OU where there are no GPO's policies Linked. We still get the same issue.

The account used for attempting to connect to test connect to a share via UNC had admin rights.

Has anyone had any similar issues - we have asked the network engineers to take a look at the firewalls and they have stated that there are no filters or blockages on the firewalls. Can someone help with this situation as we are hitting a dead-wall.

Any advice or help would be greatly appreciated.

Regards.

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,624 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Marcin Policht 24,035 Reputation points MVP
    2024-04-08T11:19:42.8+00:00

    Enforce SMB 3.x on the client computers on that subnet and on the target server.

    Details at https://learn.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3?tabs=server


    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin

    0 comments No comments

  2. Jing Zhou 6,865 Reputation points Microsoft Vendor
    2024-04-10T05:30:02.3333333+00:00

    Hello,

     

    Thank you for posting in Q&A forum.

    This error could be caused by the SMB version mismatch.

    The SMB server require SMB v1 but your client is enabled with SMB v2.

    Now SMB v1 is not recommended any more as there could be some security issue, hence you need to check with your security team and take further action:

    If you take final decision to user SMB v1, you need to enable SMB v1 on client by command:

     

    Check:

    Get-SmbServerConfiguration | Select EnableSMB1Protocol

     

    Enable:

    Set-SmbServerConfiguration -EnableSMB1Protocol $true

    If you take final decision to user SMB v2, you need to enable SMB v2 on server by command:

     

    Check:

    Get-SmbServerConfiguration | Select EnableSMB2Protocol

     

    Enable:

    Set-SmbServerConfiguration -EnableSMB2Protocol $true

     

    To help other customers who may be facing the same issue, please don't forget to vote if the reply is helpful.

     

    Best regards,

    Jill Zhou

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.