IBM Support

IBM i NetServer SMB protocol version control guide

How To


Summary

This document is designed to help IBM i administrators view and manage their IBM i NetServer SMB protocol version

Steps

Display the current NetServer SMB protocol version with command:

  ===> CALL QZLSMAINT PARM('40' '0')

This program call creates a QPCSMPRT spooled file. In the spooled file, view OLD FLAGS and NEW FLAGS. For example:

image-20191030125208-1

There are 6 possible values related to SMB usage:

0000000000000000 -  Protocol version is negotiated and defaults for the OS version will be used (SMBv1 for 7.2, SMBv2 for 7.3, SMBv3 for 7.4)
0000000000000080 -  Disables SMBv2
0000000000000100 -  Disables SMBv1
0000000000000400 -  Enables SMBv2 for 7.2 (7.3 and later do this by default)
0000000000000500 -  Combination of x100 and x400.  Allow SMBv2 and higher only
0000000000001000 -  Specific to IBM i 7.4 which requires adding 0x1000 to the above values.

Note:  7.2 provides support for SMBv1 and SMBv2. 7.3 provides support for SMBv1 and SMBv2.  7.4 provides support for SMBv1, SMBv2, and SMBv3.  7.1 and earlier versions support SMBv1 only (so these flags have no impact or meaning for those releases).
Change SMB version settings via CALL QZLSMAINT:

It is recommended to make the configuration change while NetServer is not active.
Whenever NetServer SMB protocol level changes are made, it might be necessary to remap drives or reboot client PCs for the client to begin using the new settings.
Considering the following example command:  CALL QZLSMAINT PARM('40' '1' '0x400')
‘1’ increments the following value
‘2’ decrements the following value
‘3’ reinitializes the flags to all zeros - Do not use unless directed by IBM i Support.

Commands are cumulative. For example, these two executions:

  ===> CALL QZLSMAINT PARM('40' '1' '0x400')  +  ===> CALL QZLSMAINT PARM('40' '1' '0x100')

…leaves you with:

  NEW FLAGS        0000000000000500
  ===> CALL QZLSMAINT PARM('40' '2' '0x500')
…the ‘2’ decrements and leaves you back at default settings (all 0’s).
  ===> CALL QZLSMAINT PARM('40' '3')
…re-initializes the flags to all zeros regardless of the existing value - Do not use unless directed by IBM i Support.
NOTE:  7.2 provides support for SMBv1 and SMBv2 (via PTF).   7.3 provides support for SMBv1 and SMBv2.  7.4 provides support for SMBv1, SMBv2, and SMBv3.

Additional Information

If Windows 10 clients receive the following error mapping to IBM i 7.2 or later:
image-20190710103603-3
...set the NetServer SMB protocol version control flags to x500 so that SMBv1 protocol is disabled.  Connections can still be established by using SMBv1 negotiation.

Document Location

Worldwide

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Component":"NetServer","Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.2, 7.3, 7.4","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]

Document Information

Modified date:
13 April 2021

UID

ibm10958915

Page Feedback