Unable to Map Drives from Windows 8 and Server 2012
Mar31

Unable to Map Drives from Windows 8 and Server 2012

posted by

Originally posted at adamfowlerit.com I came across this issue recently and thought it was worth sharing. From a Windows 8 machine, trying to map drives to either Windows Server 2003 or Windows Server 2008 and failing. It was just the generic ‘Windows cannot access *blah*” but the details had ‘System error 2148073478’. Some googling found this Microsoft Support article: http://support.microsoft.com/kb/2686098 First, this only talks about 3rd party SMB v2 file servers which is a bit strange, but applying this client fix fixed it on an individual basis: Disable “Secure Negotiate” on the client.  You can do this using PowerShell on a Windows Server 2012 or Windows 8 client, using the command: Set-ItemProperty -Path “HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters” RequireSecureNegotiate -Value 0 -Force Note: If you get a long access denied error, try running Windows PowerShell as an Administrator. Fixes it, but not ideal. A better solution may be to disable SMB signing on the particular server you’re connecting to. The next set of instructions are fromExinda: http://support.exinda.com/topic/how-to-disable-smb-signing-on-windows-servers-to-improve-smb-performance To disable SMB signing on the Windows Server 2000 and 2003 perform the following: Start the Registry Editor (regedit.exe). Move to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters. From the Edit menu select New – DWORD value. Add the following two values EnableSecuritySignature and RequireSecuritySignature if they do not exist. You should set to 0 for disable (the default) or 1 to enable. Enabling EnableSecuritySignature means if the client also has SMB signing enabled then that is the preferred communication method, but setting RequireSecuritySignature to enabled means SMB signing MUST be used and so if the client is not SMB signature enabled then communication will fail. Close the registry editor. Shut down and restart Windows NT. In addition, default Domain Controller Security Policies may also force these values to “enabled” on Windows Servers.  On Windows 2003 Servers, open Domain Controller Security...

»»