How to configuration SMB3 and encryption
We have not enforced SMB3 and encryption, but have now started a SOX review and need data copied between servers to be encrypted. Below is some of my notes to get this setup.
To enable SMB encryption for an single file share
Set-SmbShare –Name -EncryptData $true
To enable SMB encryption on the entire server
Set-SmbServerConfiguration –EncryptData $true
To create a new SMB file share with encryption enabled
New-SmbShare –Name -Path –EncryptData $true
On the server you can see what version of SMB each connection is using
get-smbsession | ft *
From a workstation you can see the SMB version and if its encrypted
get-smbconnection | ft *
I haven’t been able to view the connections from the server side to see if they are encrypted
reference sites
Overview of file sharing using the SMB 3 protocol in Windows Server | Microsoft Learn
SMB security enhancements | Microsoft Docs
How to Check, Enable or Disable SMB Protocol Versions on Windows? | Windows OS Hub (woshub.com)
More Stories
Windows Deployment with the Next Generation of Windows Autopilot
Microsoft's latest update to Windows Autopilot brings significant enhancements to the deployment process of Windows devices, catering to the needs...
Shrink PowerPoint files
Need to reduce the size of your PowerPoint file that contain a large number of pictures. Give this a try...
Setting the exchange online max send and receive size
Quick post today around setting exchange online max send and receive size. It can be set using the GUI in...
How to find your Microsoft Exchange build number
When documenting your environment, it’s important to keep track of the build number of your Exchange server. To get the...
Micrsoft Defender for Endpoints
We use Microsoft Defender for endpoints on our physical workstations. I'm now looking at it for our servers. The servers...
Sync Active directory user data with SharePoint
If you want to sync standard common attributes from active directory to sharepoint. Its easy, AD sync to Azure AD...