Windows 2022
Sponsored Link

File Server : Set File Sharing (Advanced)2022/02/09

 
Set Network File and Folder Sharing.
On this example, Configure a sharing folder [E:\Share01] that only users that are in [DevGroup01] group can read and write.
[1] Run PowerShell with Admin Privilege and Configure Sharing.
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# create a group
PS C:\Users\Administrator> New-LocalGroup -Name "DevGroup01" 

Name       Description
----       -----------
DevGroup01

# add a user to the group
PS C:\Users\Administrator> Add-LocalGroupMember -Group "DevGroup01" -Member "Serverworld" 

# create a folder for sharing
PS C:\Users\Administrator> mkdir E:\Share01 

    Directory: E:\

Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
d-----          2/8/2022   4:41 PM                Share01

# set sharing
# -Name [share name you like]
# -Path [path of shared folder]
# -FullAccess [users or groups that is granted full-control permission]
PS C:\Users\Administrator> New-SmbShare -Name "Share01" -Path "E:\Share01" -FullAccess "DevGroup01" 

Name    ScopeName Path       Description
----    --------- ----       -----------
Share01 *         E:\Share01

# grant NTFS permission
PS C:\Users\Administrator> icacls "E:\Share01" /grant "DevGroup01:(OI)(CI)(F)" 
processed file: E:\Share01
Successfully processed 1 files; Failed processing 0 files

# confirm settings
PS C:\Users\Administrator> icacls "E:\Share01" 
E:\Share01 BUILTIN\Administrators:(F)
           RX-7\DevGroup01:(OI)(CI)(F)
           BUILTIN\Administrators:(I)(OI)(CI)(F)
           NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
           CREATOR OWNER:(I)(OI)(CI)(IO)(F)
           BUILTIN\Users:(I)(OI)(CI)(RX)
           BUILTIN\Users:(I)(CI)(AD)
           BUILTIN\Users:(I)(CI)(WD)

Successfully processed 1 files; Failed processing 0 files

# remove unnecessary permissions
# disable inheritance first
PS C:\Users\Administrator> icacls "E:\Share01" /inheritance:d 
processed file: E:\Share01
Successfully processed 1 files; Failed processing 0 files

# remove unnecessary permissions (example blow, remove Users persmissions all)
PS C:\Users\Administrator> icacls "E:\Share01" /remove "Users" 
processed file: E:\Share01
Successfully processed 1 files; Failed processing 0 files

# confirm settings
PS C:\Users\Administrator> icacls "E:\Share01" 
E:\Share01 BUILTIN\Administrators:(F)
           RX-7\DevGroup01:(OI)(CI)(F)
           BUILTIN\Administrators:(OI)(CI)(F)
           NT AUTHORITY\SYSTEM:(OI)(CI)(F)
           CREATOR OWNER:(OI)(CI)(IO)(F)

Successfully processed 1 files; Failed processing 0 files
File Server : Set File Sharing (Advanced) (GUI)
 
On GUI configuration, set like follows.
[2] Add Users or Groups you allow to access to Sharing. On this example, Add [DevGroup01] for Sharing like follows. To add Users or Groups, refer to here.
[3] Right-Click the Folder you'd like to set Sharing and Open [Properties]. Next, move to [Sharing] tab and Click [Advanced Sharing] button.
[4] Check a box [Share this folder] and input any Share name you like on [Share name] field. Next, Click [Permissions] button.
[5] Add Users or Groups you'd like to allow to access to Share. By default, [Everyone:Read] is granted, Remove it with [Remove] button, and next, Click [Add] button to add necessary permissions.
[6] Input user or group you'd like to add permissions.
[7] Set permissions for user or group just added.
[8] Click [OK] to finish sharing settings.
[9] Back to the [Properties] window, then Click [Security] tab to move to add NTFS access permissions, too.
[10] Set NTFS permissions, Click [Advanced] button.
[11] Remove unnecessary permissions like Users and so on. However, generally inheritance is enabled, so disable it first to remove unnecessary permissions. Click [Disable inheritance] button.
[12] Select the way for removing inheritance. On this example, select [Convert ***].
[13] Click [Remove] button to remove unnecessary permissions like Users first, next, Click [Add] button to add necessary permissions.
[14] This is the window for setting permissions. Click [Select a principal] link.
[15] Input user or group you'd like to add permissions.
[16] Check boxies you'd like to set permissions.
[17] After setting necessary permissons, Click [OK] to finish settings. That's OK all.
Matched Content