Does SecureAuth IdP require SMB to be enabled on the appliance?

Follow
    Applies to:
  • SecureAuth Identity Platform
  • Legacy SecureAuth IdP
Deployment model:
  • Hybrid
  • On Premises
  • Version Affected:  all

    Description:  

    Server Message Block (SMB) is the network protocol Microsoft uses for allowing computers on a network to share files.

     

    Cause:  

    The SecureAuth IdP itself does not share files on a network and does not require having SMB enabled on the server, although administrators may need to copy files to/from the IdP server via network connections.*

     

    Resolution:  

    It is safe to disable the SMB protocol on a SecureAuth IdP appliance via Group Policy, Registry configuration or by following the Microsoft article below. The only time SMB would be required on an IdP appliance is when using FileSync, see below for additional information.

     

    Special Considerations (optional as needed):  

    *Please note, if using the SecureAuth FileSync service to replicate configurations, it will then use SMB to share configurations between SecureAuth appliances. Disabling SMBv1 is recommended as it is known to be insecure (Stop Using SMB1), see the following Microsoft Article on how to detect/disable/enable SMB.

    https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3

    Here is a list of known applications which require SMBv1, although it has been about a year, since publishing this article. that the list has been updated:

    https://techcommunity.microsoft.com/t5/storage-at-microsoft/smb1-product-clearinghouse/ba-p/426008

     

     

     

    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    0 out of 0 found this helpful

    Comments

    0 comments

    Please sign in to leave a comment.