Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




2195 posts

Uber Geek


#272686 9-Jul-2020 13:01
Send private message quote this post

Win10 2004 SMB1 mapped drive issue

Hi . Has anyone found a fix for the new 2004 build's SMB1 bug.
Its causing chaos at one site .
Im having to roll back to the previous 1909 build and pause updates as a temp fix .

Yes, they do need to keep using SMB1 :-)

 

 


Filter this topic showing only the reply marked as answer Create new topic
1990 posts

Uber Geek

Trusted
Subscriber

  #2520071 9-Jul-2020 13:17
Send private message quote this post

Pretty sure it's been disabled it for security purposes.

 

refer here to re-enable (but look to see if you can move off SMB1 really!)

 

https://www.prajwaldesai.com/cant-connect-to-file-share-obsolete-smb1-protocol/





CPU: Intel 3770k| RAM: F3-2400C10D-16GTX G.Skill Trident X |MB:  Gigabyte Z77X-UD5H-WB | GFX: GV-N660OC-2GD gv-n660oc-2gd GeForce GTX 660 | Monitor: Qnix 27" 2560x1440

 

 


6376 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #2520079 9-Jul-2020 13:28
Send private message quote this post

Don't know why people would be rolling out 2004 to production given all it's current issues.

 

Don't use SMB1.  If you were to engage a security auditor it'd be one of the first things showing up in red on their report.


 
 
 
 




2195 posts

Uber Geek


  #2520095 9-Jul-2020 14:18
Send private message quote this post

they do need to keep using SMB1 (CNC machines). Its internal only. Actual Security risk is pretty much zero .
Small businesses across the country do use old systems.  Thats just a fact of life . I have 2 clients still using DOS :-)

 

SMB1 is enabled in Win10 and was working in previous Win10 builds .

 

Its the latest 2004 build thats made it unusable for these mapped drives , to the extent it will hang PCs if clicking on those now broken
mapped drives.
2004 was auto installed by Win10 . 2004 is being rolled out & auto installed across the planet regardless. (I do agree not to rush in with these
build updates where possible)

 

 


568 posts

Ultimate Geek


  #2520446 9-Jul-2020 23:41
Send private message quote this post

Do they have a Linux box somewhere?  I have a Ubuntu 18.04 box that I mount all sorts of network connections on, including my old OS/2 box (now running in a VM), which only supports SMB1.  In fstab it is easy to add a "vers=1.0" option.  Anything else on my network that needs access to those connections then does that by connecting to that Ubuntu 18.04 box, rather than directly.  So if your client has an old PC that could run Linux, they could set up a similar arrangement.




2195 posts

Uber Geek


  #2520553 10-Jul-2020 09:06
Send private message quote this post

fe31nz:

 

Do they have a Linux box somewhere? 

 

 

Thanks for the suggestion , but Linux isnt a option for workstations in a Business environment .

 

The Win10 PC's still on 1909 or below dont have the issue. Its going to become more of an ongoing issues, as win10 build updates cant be
delayed indefinitely

MS havnt even acknowledged the issue (it seems) , googling I have found plenty of others with this issue, but no working fix
Only an issue when you need to map a drive on an old PC/server/NAS etc .
Its a CNC machine , so cant just upgrade it .

 

 


391 posts

Ultimate Geek


  #2520557 10-Jul-2020 09:19
Send private message quote this post

1101:

 



MS havnt even acknowledged the issue (it seems) , googling I have found plenty of others with this issue, but no working fix
Only an issue when you need to map a drive on an old PC/server/NAS etc .
Its a CNC machine , so cant just upgrade it .

 

 

 

 

Personally I do not see this is a MS issue - you are trying to connect a new OS to a none supported protocol. SMB1 is over 30 years old, and MS has said they not going to support it for some time now, and why should they as it a security risk. If you need it, then you need to come up with a working solution, not MS.


1990 posts

Uber Geek

Trusted
Subscriber

  #2520569 10-Jul-2020 09:35
Send private message quote this post

Have you asked the CNC machine vendor if they have any updates available?





CPU: Intel 3770k| RAM: F3-2400C10D-16GTX G.Skill Trident X |MB:  Gigabyte Z77X-UD5H-WB | GFX: GV-N660OC-2GD gv-n660oc-2gd GeForce GTX 660 | Monitor: Qnix 27" 2560x1440

 

 


 
 
 
 




2195 posts

Uber Geek


  #2520619 10-Jul-2020 10:45
Send private message quote this post

So an update breaks SMB1 , and its not a MS issue . Ok .
SMB1 WAS supported by Win10 , and still is (it broken thats all) .   Win10 even has the option to enable it (off by default I think)
The security risk, in real life on this system , is ZERO. NADA. Zitlch .

 

I fully understand why MS doesnt seem to be bothered to fix it though.

 

And yes, systems should be upgraded when obselete. In NZ , thats not the way things are, in real life (in small/med businesses).
Im just trying to get things usable .

 

 

 

 


1004 posts

Uber Geek


  #2520622 10-Jul-2020 10:52
Send private message quote this post

Is getting a NAS or something for file storage an option? At least that way it can be enabled & won't break every 6 months when MS release a feature update. 


217 posts

Master Geek


  #2520626 10-Jul-2020 11:01
Send private message quote this post

1101:

 

So an update breaks SMB1 , and its not a MS issue . Ok .
SMB1 WAS supported by Win10 , and still is (it broken thats all) .   Win10 even has the option to enable it (off by default I think)
The security risk, in real life on this system , is ZERO. NADA. Zitlch .

 

I fully understand why MS doesnt seem to be bothered to fix it though.

 

And yes, systems should be upgraded when obselete. In NZ , thats not the way things are, in real life (in small/med businesses).
Im just trying to get things usable .

 

 

 

 

 

 

 

 

Other than the rant, can you provide some useful information so the others can help?

 

What is the destination system you are trying to connect to? What is the error message? Anything in the SMB client event log?

 

Is it working with a fresh 2004 install when SMB1 is enabled?

 

Have you done Wireshark network captures to identify which part is failing?


4043 posts

Uber Geek


  #2520656 10-Jul-2020 11:41
Send private message quote this post

Not quite. It was a legacy feature that is still present to keep working if systems using it are upgraded for negotiation detection and quasi use to stop hangs. But it's removed after 15 days if not manually changed to drive the point home.

 

But not supported. Their stance if it breaks under the 1709-1909 enable/disable errors, is still:

 

To work around this issue, contact the manufacturer of the product that supports only SMBv1, and request a software or firmware update that support SMBv2.02 or a later version. For a current list of known vendors and their SMBv1 requirements, see the following Windows and Windows Server Storage Engineering Team Blog article:

 

SMBv1 Product Clearinghouse

 

https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb-is-dead-long-live-smb/ba-p/1185401 

 

"Not only does Microsoft not support these EOS operating systems (OS’s), we do not support interoperability with them. Meaning, if the latest version of Windows 10 does no work with an EOS version of Windows over SMB, Microsoft will not support you."

 

It's not about security - It's liability and ongoing cost risk. By offering continual workaround support because 1 part of the puzzle is kept up to date and 'seems' to work between patching, if not advising of the operational downtime risks (not security) in doing so or an action plan and budgeting is not drawn up and ready across the board. Puts liability back on the supporter. Not MS -Their stance is strong.

 

I've struck similar myself. But it was 'I told you so'. Had to appologise, point to the warnings I made some years before. Give the contact of the original hardware supplier and walk away. 

 

Might not like spending money to keep up to date. But there's always someone higher up ready to jump on you when the production line comes to a halt and want's the answer as to why there was no continuity plan in place.

 

'no good deed goes unpunished'


568 posts

Ultimate Geek


  #2520973 10-Jul-2020 23:10
Send private message quote this post

1101:

 

fe31nz:

 

Do they have a Linux box somewhere? 

 

 

Thanks for the suggestion , but Linux isnt a option for workstations in a Business environment .

 

 

I was not suggesting Linux on your workstations - rather a Linux box as an intermediary between your workstations and the CNC machines, to translate from Windows 10 SMB to SMB1.  It would be run like a server by your IT people and be tucked away with the servers.  Any old PC with a gigabit lan card and 4 GiB of RAM can do a job like this, so if you are retiring PCs like that as they do not do Windows 10 very well, you might well have a surplus one somewhere.

 

And Linux is most certainly an option for workstations in business environments - there are plenty of companies doing just that, including Microsoft.  But I would not suggest trying to convert your business to Linux just because of a small problem like this one.  That would not work out well.


237 posts

Master Geek

Lifetime subscriber

  #2521019 11-Jul-2020 10:16
Send private message quote this post

@1101 you need to move on and accept that legacy protocols go, SMB1 has been out of Windows 10 for a while, you could add the module back. This should have been your first warning that it was on the way out. A solution should have been looked for when this SMB1 was first removed from WIndows 10.

 

@fe31nz is correct, you need to start earning your money as a solution provider in providing good solutions to a problem. You also need to get the company to accept this is an issue with running old hardware, and is not Microsoft's fault for removing support for insecure components regardless of the perception of the security risk.

 

There are a number of options available.

 

  • Running a legacy device to work with the legacy machinery
  • Running a legacy VM device to work with the legacy machinery
  • Using an interim device that provides a share

Personally I would look at a NAS device to act as interim. As I suspect the price of replacement/upgrade of the CNC machine is cost-prohibitive.

 

(I would choose a NAS device (Synology) as you will be able to load all the necessary components without any great knowledge of Linux)

 

To sit between the CNC machine and the users' desktops.

 

Users save the file to a new share on the NAS

 

The NAS has a cron job to move the file to the legacy CNC machine SMB1 share.

 

Only the NAS should be able to access the CNC machine.

 

Segregate the network for the CNC machine to be the only device that can communicate with the NAS.

 

Then provide good documentation on how it all works.

 

Most importantly not leave the company stuck on old hardware/software to support one old piece of hardware.




2195 posts

Uber Geek


  #2522695 14-Jul-2020 14:06
Send private message quote this post

I can suggest best practice & recommend upgrade paths , but I cant demand it . Real world : many companies wont upgrade when obselete/end of life  (not all) .

=================

 

Anyway , I have the fix , just in case anyone else has similar issues . This works, so far

 

create a bat file and start it when logging in (schedule to run on login):
timeout /t 30
net use w: "\\IP adress\folder" /persistent:no
be sure to put  /persistent:no

 

So far , It looks like having a persistent smb1 mapped drive was the issue in v2004 .

 

 


644 posts

Ultimate Geek

Trusted

  #2522912 14-Jul-2020 18:36
Send private message quote this post

We have a NAS that needs SMB1 for people to see the shares. Working fine with Windows 10 2004 but then it was set on in 1909 already


Filter this topic showing only the reply marked as answer Create new topic




News »

Freeview On Demand app launches on Sony Android TVs
Posted 6-Aug-2020 13:35


UFB hits more than one million connections
Posted 6-Aug-2020 09:42


D-Link A/NZ extends COVR Wi-Fi EasyMesh System series with new three-pack
Posted 4-Aug-2020 15:01


New Zealand software Rfider tracks coffee from Colombia all the way to New Zealand businesses
Posted 3-Aug-2020 10:35


Logitech G launches Pro X Wireless gaming headset
Posted 3-Aug-2020 10:21


Sony Alpha 7S III provides supreme imaging performance
Posted 3-Aug-2020 10:11


Sony introduces first CFexpress Type A memory card
Posted 3-Aug-2020 10:05


Marsello acquires Goody consolidating online and in-store marketing position
Posted 30-Jul-2020 16:26


Fonterra first major customer for Microsoft's New Zealand datacentre
Posted 30-Jul-2020 08:07


Everything we learnt at the IBM Cloud Forum 2020
Posted 29-Jul-2020 14:45


Dropbox launches native HelloSign workflow and data residency in Australia
Posted 29-Jul-2020 12:48


Spark launches 5G in Palmerston North
Posted 29-Jul-2020 09:50


Lenovo brings speed and smarter features to new 5G mobile gaming phone
Posted 28-Jul-2020 22:00


Withings raises $60 million to enable bridge between patients and healthcare
Posted 28-Jul-2020 21:51


QNAP integrates Catalyst Cloud Object Storage into Hybrid Backup solution
Posted 28-Jul-2020 21:40



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.