Version Affected: all
Server Message Block (SMB) is the network protocol Microsoft uses for allowing computers on a network to share files.
The SecureAuth IdP itself does not share files on a network and does not require having SMB enabled on the server, although administrators may need to copy files to/from the IdP server via network connections.*
It is safe to disable the SMB protocol on a SecureAuth IdP appliance via Group Policy, Registry configuration or by following the Microsoft article below. The only time SMB would be required on an IdP appliance is when using FileSync, see below for additional information.
Special Considerations (optional as needed):
*Please note, if using the SecureAuth FileSync service to replicate configurations, it will then use SMB to share configurations between SecureAuth appliances. Disabling SMBv1 is recommended as it is known to be insecure (Stop Using SMB1), see the following Microsoft Article on how to detect/disable/enable SMB.
Here is a list of known applications which require SMBv1, although it has been about a year, since publishing this article. that the list has been updated:
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Please sign in to leave a comment.