1

Background

I have an environment with 5000 or so workstations, 1000 or so servers.

All of my file share servers are running Windows Server 2012 or higher, and thus support SMBv3.

About half of my workstations are Windows 10, and thus support SMBv3; however the other half are Windows 7, and thus only support SMBv2 or lower.

I'm working on replacing these Windows 7 machines, but it'll be awhile. We've paid for extended support, so it's ok for another year.

My Issue

Is it possible to force SMBv3 connections when SMBv3 connectivity is possible, but support SMBv2 otherwise?

Example:

Windows 10 workstation visits the "Accounting" department share to get a file. The connection between the workstation and department share (our file server) is via SMBv3

Windows 7 workstation visits the "Accounting" department share to get a file. The connection between the workstation and department share (our file server) is via SMBv2

EDIT

I ran Get-SmbConnection on my Win10 workstation to my file server, and it reports version 3.02.

However, running Wireshark while transferring a file between workstation and share shows SMBv2, and Wireshark is able to re-create the transferred file from the captured packets. SMBv3 is encrypted, so this shouldn't be possible if it were.

This is where my confusion is stemming from I suppose.

Improve this question
2
  • 2
    Encryption is an optional feature of the protocol. Did you enable encryption on your server?
    – Daniel B
    Commented Dec 16, 2019 at 20:54
  • Ah! That may be the cause. I'll send a message to our storage admin.
    – Ghawblin
    Commented Dec 17, 2019 at 16:47

1 Answer 1

Reset to default
1

This is how SMB functions to spec already. It will connect at the highest version that both parties support. Server 2012 to Windows 10 = smb3, 7 to server 2012, smb2, etc. This can be verified with Get-SmbConnection cmdlet in powershell on any host with an smb connection to another host.

Improve this answer
4
  • I'm glad you mentioned that! I ran Get-SmbConnection on my Win10 workstation to a few of my servers and it reported version 3.02, however, Wireshark shows SMB2 when I move files around. I'm able to have wire-shark recreate the transferred file from the packet data it captured, implying that it's not encrypted and thus can't be SMBv3. What gives with that?
    – Ghawblin
    Commented Dec 16, 2019 at 20:44
  • 1
    Are the servers in question here 2012 or of the linux variety? Verifying the connection in question is from Win10 to Server2012?
    – Narzard
    Commented Dec 16, 2019 at 20:47
  • 1
    snia.org/sites/default/files/SDCEMEA/2019/SMB3seminar/… I found this interesting. Because SMB3 is a dialect of SMB2, it shows as SMB2 in wireshark. Because wireshark caught all the connection negotiations, it is still able to decrypt packets made from connections in/out of the server. What do you think? Edit: Around Slide 16
    – Narzard
    Commented Dec 16, 2019 at 20:59
  • Thanks! They're windows servers specifically. Someone earlier mentioned if I had encryption enabled, and I'm not sure. I sent a request to our storage admin.
    – Ghawblin
    Commented Dec 17, 2019 at 16:47

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .