Disable SMBv1 Server with Group Policy
This will configure the following new item in the registry
Registry entry: SMB1 REG_DWORD: 0 = Disabled
To configure this using Group Policy:
Open the Group Policy Management Console. Right-click the Group Policy object (GPO) that should contain the new preference item, and then click Edit.
In the console tree under Computer Configuration, expand the Preferences folder, and then expand the Windows Settings folder.
Right-click the Registry node, point to New, and select Registry Item.
In the New Registry Properties dialog box, select the following:
Key Path: SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
Value name: SMB1
Value type: REG_DWORD
Value data: 0
This disables the SMBv1 Server components. This Group Policy needs to be applied to all necessary workstations, servers, and domain controllers in the domain.
Note: WMI filters can also be set to exclude unsupported operating systems or selected exclusions such as Windows XP.
Caution! Be careful when making these changes on domain controllers where legacy Windows XP or older Linux and 3rd party systems (that do not support SMBv2 or SMBv3) require access to SYSVOL or other file shares where SMB v1 is being disabled.