This article is intended for enterprise and education system administrators.
When making outbound connections to servers, SMB 1 and NetBIOS are enabled by default in macOS to improve compatibility with third-party products. macOS will attempt to use the later versions of SMB, as well as DNS and port 445, with failover to port 139 and SMB 1 as needed. You can disable SMB 1 or NetBIOS to prevent this failover.
To disable SMB 1, add the following line to the /etc/nsmb.conf file:
To disable NetBIOS, add the following line to the /etc/nsmb.conf file:
The /etc/nsmb.conf file doesn't exist by default. To create one and apply both of the above changes, use the following Terminal commands:
echo "[default]" | sudo tee -a /etc/nsmb.conf echo "protocol_vers_map=6" | sudo tee -a /etc/nsmb.conf echo "port445=no_netbios" | sudo tee -a /etc/nsmb.conf
To revert the above changes, you can delete the /etc/nsmb.conf file safely.
By default, macOS doesn't accept SMB connections. If you have set up your Mac computer to be a file server in file-sharing preferences, you can disable SMB 1 while continuing to allow SMB 2 and 3 connections. Use the following commands:
sudo scutil --prefs com.apple.smb.server.plist get / d.add ProtocolVersionMap # 6 set / commit apply quit
To revert the above change, run the following commands:
sudo scutil --prefs com.apple.smb.server.plist get / d.add ProtocolVersionMap # 7 set / commit apply quit
To disable netbiosd name registration, run the following command:
sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.netbiosd.plist
To verify that netbiosd isn't running, run the following command. If no results are returned, then netbiosd isn't running:
sudo ps aux | grep -i netbiosd | grep -v grep
To revert this change, run the following command:
sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.netbiosd.plist