I have documents that are stored on a ReFS (Resilient File System) volume, and the enforcement of Integrity Stream integrity is true.
PS M:\> Get-Item Contoso.vhdx | Get-FileIntegrity FileName Enabled Enforced -------- ------- -------- M:\Contoso.vhdx False True
I want to turn Enforced off:
PS M:\> Get-Item "M:\Contoso.vhdx" | Set-FileIntegrity -Enforce $False PS M:\> Get-Item Contoso.vhdx | Get-FileIntegrity FileName Enabled Enforced -------- ------- -------- M:\Contoso.vhdx False True
What is the procedure to disable the enforcement of file integrity?
What is ReFS?
ReFS stands for Resilient File System. It is a file system developed by Microsoft for Windows operating systems. It was first introduced in Windows Server 2012 and later added to Windows 8.1 and Windows 10. ReFS was designed to address the limitations of NTFS, the previous file system used by Windows. ReFS is a modern file system that is engineered to meet the needs of modern storage systems and workloads.
ReFS was designed to provide better data protection, scalability, and performance. It is optimized for handling large data sets, and it can support files and volumes that are much larger than those supported by NTFS. ReFS also supports advanced storage technologies such as Storage Spaces Direct, which allows for the creation of highly available and scalable storage solutions.
ReFS uses a feature called Integrity Streams to protect data. Integrity Streams is an optional feature that can be enabled for files and directories. When Integrity Streams is enabled, ReFS maintains a checksum of the file or directory contents. This checksum can be used to validate the data and detect any corruption. If ReFS detects corruption, it can automatically repair the data from a mirrored copy, if available.
What is Enforced file integrity?
Enforced file integrity is a feature of ReFS that ensures data integrity by enforcing the use of Integrity Streams. When Integrity Streams is enabled and Enforced is set to True, ReFS will delete any file that has even a single-bit error. This is done to prevent data corruption from spreading and to ensure that the data remains consistent and reliable.
Enforced file integrity is a powerful feature that can help protect your data from corruption and data loss. However, it can also be a double-edged sword. If Enforced is set to True and a file becomes corrupted, there is no way to recover the data. The only option is to restore the data from a backup, if one is available.
How to disable Enforced file integrity?
If you have files on a ReFS volume where Integrity Stream integrity is Enforced, you may want to disable Enforced file integrity to prevent data loss. To disable Enforced file integrity, you can use the Set-FileIntegrity PowerShell cmdlet.
To disable Enforced file integrity for a specific file, follow these steps:
1. Open PowerShell as an administrator.
2. Type the following command to get the current status of the file: Get-Item “PathToFile” | Get-FileIntegrity
3. If the Enforced value is True, type the following command to disable Enforced file integrity: Get-Item “PathToFile” | Set-FileIntegrity -Enforce $False
4. Verify that Enforced is set to False by running the Get-Item command again.
Note that disabling Enforced file integrity may reduce the protection provided by ReFS. If you disable Enforced file integrity, you may want to consider using other methods to protect your data, such as backups or RAID.
When should you disable Enforced file integrity?
Enforced file integrity is a powerful feature that can help protect your data from corruption and data loss. However, there may be situations where you want to disable Enforced file integrity. Here are a few examples:
1. Performance: Enforced file integrity can have a performance impact on your system. If you are working with large files or files that are frequently modified, you may want to disable Enforced file integrity to improve performance.
2. Compatibility: Enforced file integrity may not be compatible with all applications. If you are running an application that is not compatible with Enforced file integrity, you may want to disable it.
3. Risk tolerance: Enforced file integrity is designed to provide maximum data protection. However, there may be situations where the risk of data loss is acceptable. For example, if you are working with temporary files or files that can be easily recreated, you may want to disable Enforced file integrity to reduce the risk of data loss.
Other ReFS features
ReFS has several other features that make it a powerful and modern file system. Here are a few examples:
1. Data Deduplication: ReFS supports data deduplication, which can help reduce storage costs by identifying and removing duplicate data.
2. Storage Spaces Direct: ReFS is optimized for use with Storage Spaces Direct, which allows for the creation of highly available and scalable storage solutions.
3. Block Cloning: ReFS supports block cloning, which allows for the rapid creation of new files or virtual machines by copying data at the block level.
4. Data Scrubbing: ReFS can automatically detect and repair data corruption by scrubbing data on a regular basis.
ReFS is a modern file system that provides better data protection, scalability, and performance than NTFS. Enforced file integrity is a powerful feature that can help protect your data from corruption and data loss, but it may not be necessary or desirable in all situations. If you decide to disable Enforced file integrity, be sure to consider other methods of data protection, such as backups or RAID.
I would like to make a note that I conducted some tests on the latest version of Windows 11, and here are my observations:
When utilizing mirrored storage spaces, and there is data corruption in a file on a single disk, REFS will automatically repair it for you with integrity streams enabled.
If the corruption exists on both disks, REFS will prevent access to the file, but it won’t delete it. You can regain access to the file by manually changing the enforce flag to false.
For instance, you can use the command Get-Item ‘
E:\claclaboth.txt' | Set-FileIntegrity -Enable $True -Enforce $False.
Based on my findings, I suggest that you keep the enforced flag as default because REFS will only block your file and not delete it, at least on Windows 11 and for text files (which were the file type used during my testing).