Share via

SMB version 1

Handian Sudianto 6,666 Reputation points
2024-09-27T07:44:00.9266667+00:00

Hello,

I have cctv camera and only can connect to share folder using SMBv1 version. When i try connecting this cctv to standalone windows server, the cctv is able to connect.

When i change the connection to windows server which joined to Active Directory, the cctv is not able to access the share folder even SMBv1 is enabled.

When i try capture using wireshark i got connection reset, anyone know why?

User's image

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
Windows for business | Windows Server | User experience | Other
0 comments
Answer accepted by question author
  1. Anonymous
    2024-09-30T06:14:25.2466667+00:00

    Hello,

    If the CCTV camera can connect to a standalone Windows server using SMBv1 but cannot connect to a Windows server that is joined to an Active Directory domain, it suggests that there might be a domain-related configuration or policy that’s affecting the connection.

    1、Check any domain-level policies that might be overriding local security settings. This could include group policies that disable SMBv1 or restrict access to network shares.

    Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options

    Computer Configuration\Policies\Administrative Templates\Network\Lanman Workstation

    2、Local Security Policy: On the domain-joined server, run secpol.msc and check the Local Policies, specifically Security Options, to make sure that SMBv1 is not being restricted or required security settings are not preventing access.

    3、Test SMBv1 Manually: On a separate computer, try to manually map the network share using SMBv1 to ensure that SMBv1 is indeed working as expected on the AD-joined server.

    4、Disabel firewall and network inspection devices.

    5、NTLM Authentication Level: Sometimes, the NTLM authentication level enforced by the domain can prevent SMBv1 connections. You can check this setting within the group policy editor under:

    Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options

    Network security: LAN Manager authentication level

    If the issue still insists, also try to look at the System and Application logs, as well as the Security logs, in the Event Viewer for any events that correspond to the time of the failed connection attempts.

    Best Regards,

    Hania Lian

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Handian Sudianto 6,666 Reputation points
    2024-09-30T06:20:49.4066667+00:00

    Hi..

    The problem already solved by disable the SMB signing on the local policy.

    Microsoft network server: Digitally sign communications (always) set to disable.

    0 comments
  2. Handian Sudianto 6,666 Reputation points
    2024-11-01T14:09:51.2533333+00:00

    The problem already solved by disable the SMB signing on the local policy.

    Microsoft network server: Digitally sign communications (always) set to disable.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.