how to disable NFS Kerberos Interface without removing the Service Principal Name
Applies to
- ONTAP 9
- NFS
- Kerberos Interface
Description
When deleting config on a NetApp system deployed as a DR, disabling Kerberos on the DR system causes a change on the production Domain Controller, effectively removing the SPNs of the NFS server used in the SVM DR replication. How can the Kerberos interface be disabled without also removing the Service Principal Name from the machine account on the KDC?
cluster1::> vserver nfs kerberos interface disable -lif svm1_data_lif1
Username: test
Password:
Warning: This command deletes the service principal name "nfs/cifs1@DEMO.NETAPP.COM" from the machine account on the KDC. Do you want to continue? {y|n}: n
cluster1::>