Cannot connect to SAMBA Share

Conor Hankinson 0 Reputation points
2025-08-28T10:44:26.5233333+00:00

Hello,

I am trying to connect to an old Windows 2000 server share.

This seems to work on Computers running 23h2 but computers running 24h2 doesn't work.

I have checked firewall logs and the computers keep trying to use SMB instead of SAMBA

Is there something in 24h2 or a security patch that forces the computers to use SMBv2 & V3?

I have enabled it in optional features. I have added registry keys for Guest Auth (0)

Added a registry key SMB2 (0) and SMB1 (1)

Any assistance would be great

Thanks

Windows for business | Windows 365 Enterprise
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Harry Phan 1,225 Reputation points Independent Advisor
    2025-08-28T11:27:01.0533333+00:00

    Dear Conor Hankinson,

    Starting with Windows 11 24H2, Microsoft has introduced enhanced security defaults for SMB (Server Message Block) protocol to better protect users from known vulnerabilities. These changes include:

    SMB signing enforcement by default

    Blocking insecure guest logons

    Disabling SMBv1 unless explicitly re-enabled

    These updates improve security but may impact compatibility with older systems like Windows 2000, which rely on SMBv1 and unauthenticated access.

    Here are recommended Steps to Restore Connectivity:

    1. Re-enable SMBv1 (if required) Confirm that SMB 1.0/CIFS File Sharing Support is enabled under Settings > Optional Features > Add an optional feature Alternatively, use PowerShell:
      • powershell
             Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
        
    2. Allow Insecure Guest Logons Open Group Policy Editor (gpedit.msc) Navigate to: Computer Configuration > Administrative Templates > Network > Lanman Workstation Set Enable insecure guest logons to Enabled
    3. Disable SMB Signing Requirement (if applicable) In Group Policy: Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options Set Microsoft network client: Digitally sign communications (always) to Disabled
    4. Registry Key Review Ensure the following registry keys are correctly configured:
      • reg
             [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
        

    "AllowInsecureGuestAuth"=dword:00000001 ```

    Security Considerations: Please note that enabling SMBv1 and guest access introduces known security risks. We recommend applying these changes only in trusted environments and considering long-term migration strategies away from legacy systems.

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    Best regards,

    Harry Phan

    0 comments No comments

  2. Conor Hankinson 0 Reputation points
    2025-08-28T12:24:43.3+00:00

    Hi Harry,

    Tried these options and hasn't resolved this, any other ideas?

    Thanks

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.