Does Windows 7 actually support the SMB core protocol?

Question

I have started the development of a SMB server for an old Z80 based machine. This machine runs a very simple, MS-DOS like operating system (no multitask, no concept of users, FAT filesystem only, no unicode, 8.3 filenames only) and has limited memory, therefore my first idea is to implement just the SMB core protocol. I will use TCP transport.

As for now, I have just a very short testing code that just replies to the SMB_COM_NEGOTIATE command, indicating that the core protocol ("PC NETWORK PROGRAM 1.0") is the desired dialect. In order to test it, I try to connect from a Windows 7 machine, by opening a explorer window and typing "\\<server IP>" in the address bar. I have verified with Wireshark that the server receives the negotiate command and sends an (apparently) correct response.

The problem: as soon as the Windows client receives the response, it shows a generic "Can't access resource" error message (with error code 0x80004005) and then nothing happens (no further SMB messages are sent). I was expecting to receive SMB_COM_TREE_CONNECT or a similar command.

I was thinking that maybe Windows 7 does not support the core protocol (it is very old and it lacks any security feature whatsoever), but then, why does it list the core dialect name in the negotiate request? Maybe I am missing some step? Must the server send any additional packet after the negotiate response?

The client OS is Windows 7 Ultimate 64 bits, and here are the Wireshark dumps of both the request and the response in case anyone can spot anything wrong in the process:

The request:

The response:

UPDATE: If I select the NT LM 0.12 dialect instead of the core dialect, I receive a SESSION_SETUP_AND_REQUESTX command from the client. So apparently it seems that indeed, the core protocol is not supported by Windows 7. Anyway, any extra information will be appreciated.

Answer 1

I believe Windows 7 does support the Core Protocol. It downgrades to SMB 1.0 when connecting to older servers as per here.

Based on the issues that Windows 7 has with connecting to Samba servers, I believe the issue with the specifying the core protocol is due the LANMAN workstation / client settings on the Windows 7 machine.

Recommended changes would be

• enabling LM and NTLM hashes to be as part of the security policy are Network security: LAN Manager authentication level Send LM & NTLM responses
• changing the 【HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa \【LmCompatibilityLevel 】 value of the registry key to 0 as per here

• Adding the following parameters to LanmanWorkStation and NetLogon in the registry HKLM\System\CCS\Services\LanmanWorkstation\Parameters DWORD DomainCompatibilityMode = 1 DWORD DNSNameResolutionRequired = 0

  HKLM\System\CCS\Services\Netlogon\Parameters DWORD RequireSignOnSeal = 0 DWORD RequireStrongKey = 0

  Possible changes to these settings both via registry and via security policy are listed here

These changes should ensure LanmanWorkstation doesn't use NTLMv2 session security.

Answer 2

This info is basically the same as @Appleman1234 provided (thanks!), just a bit easier to apply.

1. Export your current reg settings so you can restore what you had if necessary. Put the following code into a .bat file and it will export to your C: drive the 3 reg keys we are getting ready to modify.

reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa HKEY_LOCAL_MACHINE.SYSTEM.CurrentControlSet.Control.Lsa.reg
reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters HKEY_LOCAL_MACHINE.SYSTEM.CurrentControlSet.services.LanmanWorkstation.Parameters.reg
reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters HKEY_LOCAL_MACHINE.SYSTEM.CurrentControlSet.services.Netlogon.Parameters.reg

2. Un-restrict the required registry settings. Below is almost exactly what @Appleman1234 suggested except it also enables plain text passwords and disables security signatures. Put the following code into a .reg file and import it to your registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"lmcompatibilitylevel"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Parameters]
"EnablePlainTextPassword"=dword:00000001
"EnableSecuritySignature"=dword:00000000
"RequireSecuritySignature"=dword:00000000
"DomainCompatibilityMode"=dword:00000001
"DNSNameResolutionRequired"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Netlogon\Parameters]
"RequireSignOrSeal"=dword:00000000
"RequireStrongKey"=dword:00000000
"RequireSignOnSeal"=dword:00000000