
How to configuration SMB3 and encryption
We have not enforced SMB3 and encryption, but have now started a SOX review and need data copied between servers to be encrypted. Below is some of my notes to get this setup.
To enable SMB encryption for an single file share
Set-SmbShare –Name -EncryptData $true
To enable SMB encryption on the entire server
Set-SmbServerConfiguration –EncryptData $true
To create a new SMB file share with encryption enabled
New-SmbShare –Name -Path –EncryptData $true
On the server you can see what version of SMB each connection is using
get-smbsession | ft *
From a workstation you can see the SMB version and if its encrypted
get-smbconnection | ft *
I haven’t been able to view the connections from the server side to see if they are encrypted
reference sites
Overview of file sharing using the SMB 3 protocol in Windows Server | Microsoft Learn
SMB security enhancements | Microsoft Docs
How to Check, Enable or Disable SMB Protocol Versions on Windows? | Windows OS Hub (woshub.com)
More Stories
SQL upgrades
We have a few SQL servers that need to be upgraded before they go end of life. We are looking...
How to manage the local administrators group on Azure AD joined devices
After a device is deployed likely using autopilot, sometime you have a need to add an AzureAD user to the...
Azure AD and Windows hello for business, SSO for on-premises resources
We disabled WFB when we first rolled out autopilot because we are not ready to deploy and support passwordless at...
Recover Microsoft forms from old users
Microsoft forms are a great way to collect data from the user. However, what happens when the user leaves the...
Creating a document management system with SharePoint
Searching for documents can be a cumbersome and time-consuming task, especially if there is no proper system in place for...
Internal certificates for desktop phones
We are looking at a new cloud based phone system. Most use Poly or Yealink phones, we use 802.1x on...