Replies posted by Aanuka
Hi, This is likely due to hardening done to SMB in Windows 10 / Server 2016 by Microsoft. Most likely it's due to the following: [quote]"[i]3.1. Removing RequireSecureNegotiate setting[/i] [i]In previous versions of SMB, we introduced “Secure Negotiate”, where the SMB client and server verify integrity of the SMB negotiate request and response messages.[/i] [i]Because some third-party implementations of SMB did not correctly perform this negotiation, we introduced a switch to disable “Secure Negotiate”. We explain this in more detail in this [url=http://blogs.msdn.com/b/openspecification/archive/2012/06/28/smb3-secure-dialect-negotiation.aspx]blog post[/url].[/i] [i]Since we have learned via our SMB PlugFests that third parties have fixed their implementations, we are removing the option to bypass “Secure Negotiate” and SMB always performs negotiate validation if the connection’s dialect is 2.x.x or 3.0.x.[/i] [i]Note 1: For SMB 3.1.1 clients and servers, the new Pre-Authentication I
Hi Jon, And as always, thank you for a swift response. That surely makes the deployment a whole lot simplier. Is this information gathered somewhere for easy access? I have only been able to find Best-Practice/Guidelines in regards of VMWare (Volume Groups), few on AHV and then a few vague information sheets regarding Hyper-V where it was a bit unclear on the actual fully supported end-to-end solution in regards of SMB3 (I even think that document had .vmdk mentioned in it, and words like in-guest iSCSI which made it even more vague). Also, any slated support for Shared .VHDX on SMB3 to be able to fully support Fail-Over Clusters without need for Volume Groups? Perhaps with Server 2016 with the new VHD Set? Kind Regards
Login to the community
Login with your account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.