In Windows 10, version 1709 (RS3) and Windows Server, version 1709 (RS3), the Server Message Block version 1 (SMBv1) network protocol is no longer installed by default. It was superseded by SMBv2 and later protocols starting in 2007. Microsoft publicly deprecated the SMBv1 protocol in 2014.
SMBv1 has the following behavior in Windows 10, version 1709 (RS3) and Windows Server, version 1709 (RS3):
- SMBv1 now has both client and server sub-features that can be uninstalled separately.
- Windows 10 Enterprise and Windows 10 Education no longer contain the SMBv1 client or server by default after a clean installation.
- Windows Server 2016 no longer contains the SMBv1 client or server by default after a clean installation.
- Windows 10 Home and Windows 10 Professional no longer contain the SMBv1 server by default after a clean installation.
- Windows 10 Home and Windows 10 Professional still contain the SMBv1 client by default after a clean installation. If the SMBv1 client is not used for some time, it automatically uninstalls itself.
- The SMB version 2.02, 2.1, 3.0, 3.02, and 3.1.1 features are still fully supported and included by default as part of the SMBv2 binaries.
- Because the Computer Browser service relies on SMBv1, the service is uninstalled if the SMBv1 client or server is uninstalled. This means that Network Neighborhood can no longer display Windows computers through the legacy NetBIOS datagram browsing method.
- SMBv1 can still be reinstalled in all editions of Windows 10 and Windows Server 2016.
If you try to connect to devices that support only SMBv1, or if these devices try to connect to you, you may receive one of the following errors messages:
You can't connect to the file share because it's not secure. This share requires the obsolete SMB1 protocol, which is unsafe and could expose your system to attack.
Your system requires SMB2 or higher. For more info on resolving this issue, see: https://go.microsoft.com/fwlink/?linkid=852747
The specified network name is no longer available.
Unspecified error 0x80004005
System Error 64
The specified server cannot perform the requested operation.
These devices are unlikely to be running Windows and are more likely running older versions of Linux, Samba, or other types of third party software to provide SMB services. Often, these versions of Linux and Samba are themselves no longer supported.
To work around this issue, contact the manufacturer of the product that supports only SMBv1 to request a software or firmware update that support SMBv2.02 or a later version. For a current list of known vendors and their SMBv1 requirements, see the following:
If SMBv1 is required to provide application compatibility for legacy software behavior, such as a requirement to disable oplocks, Windows 10 and Windows Server, version 1709 provide a new SMB share flag that's known as Leasing mode. This flag specifies whether a share disables modern SMB semantics such as leases and oplocks.
To specify a share without using oplocks or leasing to allow a legacy application to work with SMBv2 or a later version, use the New-SmbShare or Set-SmbShare PowerShell cmdlets together with the -LeasingMode None parameter.
Note You should use this option only on shares that are required by a third-party application for legacy support if the vendor states that it is required. Do not specify Leasing mode on user data shares or CA shares that are used by Scale-Out File Servers. This is because the removal of oplocks and leases causes instability and data corruption in most applications. Leasing mode works only in Share mode. It can be used by any client operating system.
For home and small business users who use Network Neighborhood to locate Windows computers, you shoud map drives to the computers so that you no longer have to browse for them. You can also type the computer name into the address bar to see all its shares. You can do the same for printers. An administrator can configure printers for location by methods other than the legacy Computer Browser service by using IP addresses, Active Directory, Bonjour, mDNS, uPnP, and so on.
If you cannot use any of these workarounds, or if the application manufacturer cannot provide supported versions of SMB, you can re-enable SMBv1 manually by following the steps in KB 2696547.
Important Microsoft strongly recommends that you not reinstall SMBv1 because this older protocol has known security issues regarding ransomware and other malware.
Article ID: 4034314 - Last Review: Sep 18, 2017 - Revision: 32