cwheelersv 0 Posted July 13, 2017 Share Posted July 13, 2017 ERA appliance appears to be broken once SMB1 has been removed from the network. We removed it because "it was not required", at least not by any Microsoft or Apple machine. But the ERA appliance appears to require it. We had decided to remove SMB1 with the recent string of vulnerabilities. the following is how SMB1 was removed from ALL machines: sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi sc.exe config mrxsmb10 start= disabled Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 –Force this is our current version of the appliance: (6.3) ESET Remote Administrator (Server), Version 6.3.148.0 ESET Remote Administrator (Web Console), Version 6.3.114.0 Problems: could not log into the web console with our domain credentials to the ERA appliance. We can log in using the local web server account. workstations no longer getting updates from the ERA Appliance trying to import the data from our 6.3 appliance to a newly downloaded 6.5 appliance fails. What are our options now that SMB1 is permanently removed form our network? How do we migrate the DB from a 6.3 appliance to a new 6.5 appliance? And then how do we make the 6.5 appliance work in a <<SMB1 Disabled>> environment? With the mounting number of vulnerabilities in SMB1 and NTLM, more people will start to shut these old technologies off. Link to comment Share on other sites More sharing options...
mahiralkhoir 4 Posted July 19, 2017 Share Posted July 19, 2017 this topic maybe can helpyou Link to comment Share on other sites More sharing options...
cone 0 Posted July 24, 2017 Share Posted July 24, 2017 We have the same problem here, we didn't disable smb1 yet, but we will for sure. ERA license is expiring soon so we have to know before we extend. We would like to extend our license, but not if ERA isn't working properly with smb1 disabled. So is it possible for ERA to fully work without smb1? Thanks Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,130 Posted July 25, 2017 ESET Moderators Share Posted July 25, 2017 Hello, @cone have you tried the workaround described in the topic mentioned? https://forum.eset.com/topic/12490-problem-deploying-agent/?do=findComment&comment=62531The issue is tracked as a bug for our development team so hopefully the fix will be available in the next version of the appliance. Regards, P.R. Link to comment Share on other sites More sharing options...
Recommended Posts