We had a problem where a Windows 2012 R2 Domain Controller would not browse the shares of another Windows 2012 R2 WorkGroup Server. We kept getting error 1208 and then we tried to force a mapping to share and received System error 2148073478
This problem is caused by the “Secure Negotiate” feature that was added to SMB 3.0 for Windows Server 2012 and Windows 8. This feature depends upon the correct signing of error responses by all SMBv2 servers, including servers that support only protocol versions 2.0 and 2.1. Some third-party file servers and other Windows Systems not on a domain may not not return a signed error response. Therefore, the connection fails.
We had this issue with a Windows 2012 R2 Domain Controller trying to connect to a Windows 2012 workgroup server share.
The Domain Controller had the local network set to Public and not Private, We had to change this by running a few PoSh commands.
Get-NetConnectionProfile
This gives us the index numbers for each interface then we find the interface marked public and change it to Private by running the PoSh command
Set-NetConnectionProfile -InterfaceIndex 10 -NetworkCategory Private
Change the InterfaceIndex number to the number of your interface.
Next we need to low the security level for SMB so that we can allow the connection to complete.
To do this we Edit the registry and change the value of RequireSecureNegotiate to zero
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters" RequireSecureNegotiate -Value 0 -Force
Once that has completed you will now be able to access your network shares on other NAS servers or Windows systems.
Hope this helps someone out there, Enjoy!
Cubert
If the owner changed the settings from their end, what an be the consequences ?
Please reply