Impacts of authentication on enabling and disabling protocols

The following are the recommendations for enabling and disabling protocols.

  • If authentication is already configured in the system, then the protocols that are enabled in the system to access data cannot be disabled, unless the system administrator cleans up the authentication configuration.
  • If authentication is configured, a disabled protocol cannot be enabled. Hence, it is vital to plan properly to decide the protocols that you want to avail now and in near future and enable them correctly in advance.
  • If authentication method chosen is active directory (AD), then authentication cannot be configured unless the SMB protocol is enabled and started.
  • Protocols cannot be disabled unless authentication is unconfigured. Disabling of a protocol is a critical action and it might result in loss of access to the data hosted by that protocol or other protocols. After you disable the protocol, the authentication can be reconfigured with the same authentication servers and types so that the other enabled protocols can start functioning again.
    Note: Instead of disabling protocols, the system administrators might stop a protocol if they do not need it. Stopping a protocol is the recommended action instead of disabling the protocol. Stopping a protocol is as good as removing the protocol from the cluster but it does not have an impact on the access to the data. Users can retain the access when the protocol is started again. Use the mmces stop -nfs -a command to stop the NFS protocol on the CES nodes. For more information about stopping protocols, see mmces command. If a service is stopped and not disabled, then it starts automatically post the system reboot.
  • The restrictions for enabling or disabling protocols are not applicable if user-defined authentication method is used for file or object access.
  • The authentication configuration needs to be removed to enable a new protocol in the system. If other protocols are already enabled in the system, the system administrator must reconfigure the authentication with the same authentication servers and types. Because of this authentication reconfiguration, the other enabled protocols can start functioning again.

You can also remove ID mappings, along with authentication, if you want to completely remove the authentication configuration. This authentication configuration removal results in permanent loss of access to the data.