A proof-of-concept PowerShell script to disable and remove SMB 1.0 from an entire domain: best practice, and extra defense against WannaCry.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
Remove-SMB1FromDomain.ps1

README.md

wannapry-smb1

A PowerShell script to disable and remove SMB 1.0 from an entire domain. If you don't rely on this protocol, Microsoft's bloggers recommend you remove it (though it's still enabled by default).

Please don't rely on this to protect your systems from the EternalBlue/WannaCry exploit. Install the official Microsoft security patches. Use this script only as an extra line of defense.

How to run

  1. Log onto a computer, as a user who has administrative rights to all computers on the domain.
  2. Install the Active Directory PowerShell module.
  3. Adjust your execution policy as needed with Set-ExecutionPolicy.
  4. Run this script: .\Remove-SMB1FromDomain.ps1