Desktop Authority

SMBv1 removal causes DA Management Service not to be able to start.

SMBv1 removal causes DA Management Service not to be able to start.  Error 1705 is what I got when the service was attempting to start.  I logged a call with support and apparently the DA service requires the Computer Browser service as a dependency.  That service is removed if you remove SMBv1 from the DA Console server.  With WannaCry and other exploits we are trying to get rid of SMBv1, but in this case I am stuck with it.  Why does DA require the Computer Browser service?

  • A security flaw in SMBv1 was recently utilized by the exploits named WannaCry and Petya. As a result, many security experts recommended that SMBv1 be disabled in order to prevent a similar attack in the future.  Uninstalling the SMBv1 protocol causes the Computer Browser Service to be removed from the machine as well.  The removal of SMBv1 therefore results in a dependency problem for the Desktop Authority Manger Service because it also removes the Computer Browser Service.

    It is recommended to disable SMBv1, as opposed to removing it, and then the Computer Browser Service will remain running on the machine.  If the protocol has already been removed, simply add it back again using the Windows Components applet and then use Windows Server Manager to disable it.  SMBv1 can also be disabled using PowerShell or the Windows Registry in addition to Group Policy.  Please see Microsoft KB article 2696547 for additional information.  

  • I went ahead and disabled the protocol with Powershell, but the left the Feature installed. Thanks.