Dedicated Servers

October 2, 2025

How to Configure SMB Shares with Access Control

mr rockstar

How to Configure SMB Shares with Access Control
Cheap Dedicated Server

Server Message Block (SMB) is a popular protocol used for file and printer sharing across networks. Configuring SMB shares with proper access control is essential for ensuring secure collaboration while preventing unauthorized access. In this guide, we’ll walk you through setting up SMB shares and managing permissions effectively.

Step 1: Install the SMB Service

On Windows Server:

  1. Open Server ManagerAdd Roles and Features.
  2. Select File and Storage ServicesFile and iSCSI Services.
  3. Check File Server role and complete the installation.

On Linux (Samba):
On Linux (Samba)

sudo apt update
sudo apt install samba -y

Step 2: Create a Shared Folder

  • Windows:
    1. Right-click the folder you want to share → Properties.
    2. Go to the Sharing tab → Advanced Sharing → enable Share this folder.
    3. Assign a Share Name.
  • Linux (Samba):
    1. Open the Samba configuration file:
       

      Create a Shared Folder Linux (Samba)

      sudo nano /etc/samba/smb.conf
    2. Add a share definition:
      Add a share definition
      [SharedDocs]
path = /srv/shared
browseable = yes
read only = no
guest ok = no
    3. Restart Samba:
      Restart Samba
      sudo systemctl restart smbd

Step 3: Configure Access Control

  • Windows:
    • In Advanced Sharing → click Permissions.
    • Assign Read, Change, or Full Control to users or groups.
    • Use NTFS Permissions (Security tab) for more granular control.
  • Linux (Samba):
      • Create a Samba user:
         

         

     

  • Create a Samba user
    sudo smbpasswd -a username

  •  

  • Adjust folder permissions:
    Adjust folder permissions

  •  

    sudo chown username:group /srv/shared
sudo chmod 770 /srv/shared

Step 4: Test the SMB Share

    • From a client system, open File Explorer (Windows) or use the command:
       

       

 

  • open File Explorer
    smbclient //server-ip/SharedDocs -U username
  • Verify that access is restricted based on the configured permissions.

 

Best Practices for SMB Access Control

  1. Always use least privilege principle (give only the necessary rights).
  2. Avoid using the Guest account for sensitive shares.
  3. Enable encryption and signing for added security.
  4. Regularly audit share permissions and access logs.

 

How to Configure SMB Shares with Access Control (F.A.Q)

 

What is SMB used for?

SMB is primarily used for file and printer sharing between computers on a network.

 

 

Can I restrict SMB access to certain IPs?

Yes, you can use firewall rules or Samba configuration (hosts allow) to restrict access.

Is SMB secure for internet use?

Not by default—SMB should be used within internal networks or protected via VPN.

What’s the difference between share permissions and NTFS permissions?

Share permissions apply to network access, while NTFS permissions apply to local file system security.

Popular Blog Posts