在搭建 Win10 Shared Folder 时,运行一段时间后就报 Access denied. 导致 Shared Folder 访问不了。

查了下 Event Viewer -> Windows Logs -> Security, 报了 5168: Spn check for SMB/SMB2 fails 错误:

Windows 10 Shared folder - 5168: Spn check for SMB/SMB2 fails.-LMLPHP

Windows 10 Shared folder - 5168: Spn check for SMB/SMB2 fails.-LMLPHP

解决方法:

Start -> Local Security Policy -> Security Settings -> Local Policies -> Security Options -> “Microsoft Network Server: Server SPN target name validation level

设置成 Off

Windows 10 Shared folder - 5168: Spn check for SMB/SMB2 fails.-LMLPHP

BTW:

我能解决这个问题,关键就是在 Shared Folder 访问失败时想到去查找 Windows Event log, 找到了 - 5168: Spn check for SMB/SMB2 fails. 这个线索。

我一开始 google "Win10 shared folder Access denied",  敲命令查看 net share, net config server, telnet x.x.x.x 445(事实上,TCP 层 445端口是通的)等,都没解决问题,浪费了好多时间。

所以当解决一个多原因导致的问题时,最好是对问题有个大概的了解,然后去逐步排查,看是哪个环节出现的问题,再去看看是否能找到对应的 log 进行分析。

Reference:

https://docs.microsoft.com/en-us/windows/security/threat-protection/auditing/event-5168

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/microsoft-network-server-server-spn-target-name-validation-level

05-15 05:07