Sonos support for SMB 2.0 protocol

  • 18 September 2016
  • 214 replies
  • 29201 views


Show first post
This topic has been closed for further comments. You can use the search bar to find a similar topic, or create a new one by clicking Create Topic at the top of the page.

214 replies

Userlevel 7
Badge +26
Hi everyone, starting with today's update, Sonos 8.6, Windows computers will be able to set up shares to their local libraries to Sonos without using SMB file sharing. We aren't removing support for SMB at this time, and you will continue to need to use it for NAS drives, but Mac computer and Windows computers now both have the ability to share using our implementation of HTTP file sharing using the Sonos app. For more details, see the announcement post here.
Userlevel 6
Badge +13
Hi Ryan, when you say you haven't removed support for SMB 'at this time' what does that actually mean - and how will shares from NAS's be affected by this? The point of a NAS with regards to Sonos is so PC's aren't left on permanently so I'm sure there are many users interested in how sharing will be achieved from NAS's if you appear to be going the opposite way and removing functionality as opposed to adding support for the later, more secure versions.
Userlevel 7
Badge +26
Hi sjw, we are continuing to support SMB1 on Sonos for use with NAS drives and network shares that can't set up the HTTP share that we've added for Windows computers. We'll be looking into options for NAS drives to see what can be done there, but don't have any specifics that I can share today.
Userlevel 6
Badge +13
OK, thanks.
Presumably switching it off with no other option isn't on the table?...
Userlevel 7
Badge +26
OK, thanks.
Presumably switching it off with no other option isn't on the table?...

We don't have any plans to turn off support for NAS drives.
Userlevel 7
Badge +21
OK, thanks.
Presumably switching it off with no other option isn't on the table?...

Trying to understand your query...

If you don't have a NAS holding your music library, and you can now turn off SMBv1 on your Windows computer (since Sonos is now using its own HTTP service), you're good to go. Nothing to worry about. Sonos' continued support of SMBv1 means nothing to you now. All of the risks and vulnerabilities are on the "server" end, not on Sonos' end.

And if you do have a NAS, why would you want them to just cut off support with no direct alternative?
Userlevel 6
Badge +13
Hi Mike, I do have a NAS and definitely don't want them to cut off support!! I was concerned about the wording from Ryan when he said it had gone from PC/MAC sharing - but wasn't being dropped 'at this time'.
I wanted clarification (and got it) that it wasn't even on the table for NAS's - and 'liked' Ryan's response,
As much as I really want them to something about improving the situation, completely dropping it shouldn't be seen as an option..
Userlevel 7
Badge +21
Gotcha... re-reading it now, I can see that tone in the question... sorry. 🙂 Yeah, pretty sure Sonos wouldn't go that far...
Userlevel 1
Badge
For me this is a great solution, because I've always put my files on a PC and not on a NAS. Thanks Sonos! (of course I'm also sympathetic to the NAS owners as well, so I still hope Sonos will be able to provide a solution for them as well!)
ability to share using our implementation of HTTP file sharing using the Sonos app.

Can you allow library source addition using HTTP as well? Most NAS have ability to share libraries over HTTP, either plain folders (apache2 index style), or WebDAV, both will be OK (and please, do support HTTPS).
Thanks
Userlevel 7
Badge +21
Full https support on devices on local networks is usually impractical, due to the problem of getting a certificate from an approved root CA with a local name on it. If both devices were from the same vendor (eg if Sonos did a NAS) then it would be more likely (as Sonos could create and trust their own certs), but I doubt that is going to happen.
Userlevel 7
Badge +21
I've fooled with trying to run secure HTTPS servers here and it is really frustrating due to the requirements to have a current certificate and control of the domain name it is tied too. That might be a stumbling block even for Sonos.

https://letsencrypt.org/getting-started/

In order to get a certificate for your website’s domain from Let’s Encrypt, you have to demonstrate control over the domain.
Badge
Would a setup using one SMB1 enabled NAS connected to Sonos (only), serving FLAC files, and another SMB3 enabled NAS for "sensitive" files be a secure network solution? (until Sonos adds SMB2-3 support)
Badge
Date: 2Jan2019

Here is my successful expereince (with some feature boundaries) to sharing my NAS based music library downwind of Sonos lack of support for SMB2+ and continued use of the vulnerable SMB1. When MS did the fall 2018 1709 W10 update, I lost NAS based music Library. We use NAS since we prefer use of .flac format, and think music rental via ugly-compressed streaming is not for us. 5+ Sonos units, 1.4 TB music library.

Obsolete vulnerable SMB1 desperately needs support for SMB2+. SONOS: get with the program! Yikes!

Sonos recommended solution was add Plex account to Sonos services, and enable Plex on NAS. This proved pretty unreliable for us. Speculate, maybe too many hops. Bizarre (read poor) Sonos "solution" to SMB1 problem.

Most notable thread on this (among others) IMHO: https://en.community.sonos.com/setting-up-sonos-228990/sonos-support-for-smb-2-0-protocol-6739642/index1.html?sort=dateline.desc

Wishing to stop using vulnerable SMB1 (personal decision), a few comments:
1) Kudos to Mike V (S in IOT stands for Security - LOL) who posted about this alternative approach.
2) Long time lifetime-license MediaMonkey Gold user (https://www.mediamonkey.com).
3) We do not use iTunes to manage Library on W10, and have no Macs.
4) Not an IT guy, just self-taught gizmo-intrigued n00b music fan.
5) This approach requires both some thought and MediaMonkey experience. It's not elegant.

MediaMonkey (MM) is used as music library manager including rip to NAS share as .flac, playlist builder tool, among many other MM features. Three NAS back-ups, one off-site. MM knows and manages music library.

NAS: QNAP TS-253B, QTS 4.3.5, SMB1 disabled. Reference:
https://www.qnap.com/en/how-to/faq/article/why-cant-i-find-my-nas-in-windows-file-explorer-after-installing-the-windows-10-fall-creators-update-version-1709/

On the following, YMMV depending on your configuration:

Install MM on W10 machine (in our case, an HTPC) which is on all the time (yep, that's necessary to be seamless to Sonos). Go ahead, buy a license for MM Gold version. IMHO, I like MediaMonkey because it lets me set options to manage music library my way. Unsure if all this works on free version.

You must add NAS-based music library to MM: File>Add/Rescan file to library. In my case, I pasted the music library path from W10 Explorer into the field at bottom of this window since picking path up from Network choices (above in this window) has been kinda wonky for me. The scan may take a few hours if you've a big library. You can watch scan process down at bottom of MM window. Not a big deal for me since we were already using MM.

In MM: Tools>Options>Library>Media Sharing (UPnP/DLNA), move over to right window pane.

In my case the MediaMonkey Library is listed. Check the box to left of listing. Then highlight and single click this listing of the Library. Click on the Options button. Check the Update counter box and the Share automatically with all new devices box.

In the pane below UPnP devices are listed. They are listed by Enabled status, MAC address, IP address, and name. In my case, several Linux Sonos devices are listed which seem to be those on which I have Sonos controller software/apps installed, e.g. ZP-120, Windows, iPad, iPhone. Make sure the enabled check box for each is checked. Then click OK button at bottom of this window, and window closes.
Then click OK at bottom of Options window.

In Sonos, (iOS iPad/iPhone) More>Settings>Advanced Settings>Show UPnP/DLNA Servers Enabled. I could not find this feature in W10 Sonos controller; posts suggest it used to be in File>Preferences but this now appears to be absent in W10 Sonos Controller v9.3, Build109822974 (did not try Android or Mac versions).

In Sonos, Browse>MediaMonkey Library (W10 MM machine name is listed)>Music and drill down to folder/sort you want. You can drill down via Location option to follow NAS music location path, having made MM aware of NAS library path (above.) Here is feature limitation: It looks to me like individual songs (filenames) must be added to Sonos Queue. No play Artist, Album, etc. in-one-shot capability. Once individual tunes are added, Sonos queue can be edited, played consistent with typical Sonos capability.

I'm thinking this approach avoids web hops and SMB1 vulnerability. I recognize this may serve as further incentive for Sonos to not fix NAS access which has been a long featured capability. Seems like such a premium product oughta get you to a NAS, streaming world (perhaps naively) aside.