Questa è una vecchia versione del documento!
WannaCry: SMB1 and vSphere Products
With the excitement surrounding WannaCry, I thought I'd take a few minutes and write about SMB1 and vSphere products. There's been a few threads over the past few months, including troubleshooting this myself. More admins are starting to turn SMB1 off on servers, especially on Domain Controllers.
Out of the box, vCSA and ESXi only support SMB 1.0. I don't know about 5.5, but in atleast 6.0 (and 6.5) the vCSA and ESXi use the likewise package to handle active directory communication. VMware's KB2134063 still only shows the fix as enabling SMBv1 on the domain controllers. This is Wrong! We can just enable likewise to use SMB2!
on the vCSA:
Check Values:
/opt/likewise/bin/lwregshell list_values '[HKEY_THIS_MACHINE\Services\lwio\Parameters\Drivers\rdr]'
Change SMB2 to be Enabled:
/opt/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lwio\Parameters\Drivers\rdr]' Smb2Enabled 1
Restart lwio:
/opt/likewise/bin/lwsm restart lwio
on ESXi, the process is the same, but the path to the likewise binaries are in /usr/lib/vmware/likewise/bin/:
Check Values:
/usr/lib/vmware/likewise/bin/lwregshell list_values '[HKEY_THIS_MACHINE\Services\lwio\Parameters\Drivers\rdr]'
Change SMB2 to be Enabled:
/usr/lib/vmware/likewise/bin/lwregshell set_value '[HKEY_THIS_MACHINE\Services\lwio\Parameters\Drivers\rdr]' SMB2Enabled 1
Restart lwio:
/usr/lib/vmware/likewise/bin/lwsm restart lwio
Screenshot of running these on an ESXi 6.5 host: SMB2 Enabled on ESXi 6.5
If anyone from VMware reads this, please update the KB! There's a ton of forum posts asking for this fix.