Cname - SMB Signing - DisableStrictNameChecking

S

sthf

Hi

I have heard that it is not good Idea to add this to the
registry of server:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Lanman
Server\Parameters

3.On the Edit menu, click Add Value, and then add
the following
registry value:

Value name: DisableStrictNameChecking
Data type: REG_DWORD
Radix: Decimal
Value: 1

4.Quit Registry Editor.

If you are using SMB signing, Is that correct, if so why?

Does it do some harm to use this in registry of servers
(2000 and 2003).
 
M

Marc Reynolds [MSFT]

Hi,

I am not aware of any issues with this. It is documented here:

281308 Connecting to SMB Share on a Windows 2000-Based Server May Not Work
with
http://support.microsoft.com/?id=281308

Thanks,
Marc Reynolds
Microsoft Technical Support

This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
 
R

rory plaire

Greetings,

It isn't a bad idea, per say, but there are some implementation
problems. For one, if a system uses a CNAME to access a share under the
SYSTEM account, then the access attempt fails. This causes things like
share access in startup scripts and Application Managment to fail. I
suppose it is something with the way that the security tokens for
client and server are validated...
Marc, do you know how to log a bug on this?

thanks,
-rory
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Server alias. 6
Turn off SMB Signing? 4
Yet another: The account is not authorized to log in from this station 1
1219 WinLogon error 1
oplocks 2
Error Message - Delayed Write Failed 2
Registry Changes not Persistent 4
Home XP does not detect USB device 1

Top