Setting up and securing an SMB file server
The next step in creating a file server is to install the necessary features to the server, and then harden it. You use the Add-WindowsFeature cmdlet to add the features that are necessary for a file server. You can then use the Set-SmbServerConfiguration cmdlet to improve the configuration.
Since your file server may contain sensitive information, you must take reasonable steps to avoid some of the expected attack mechanisms and adopt best security practices. Security is a good thing but, as always, be careful! By locking down your SMB file server too hard, you can lock some users out of the server.
SMB 1.0 has many weaknesses and, in general, should be removed. By default, Windows Server 2022 installs with SMB 1.0 turned off. Remember that if you disable SMB 1.0, you may find that older computers (for example, those running Windows XP) lose the ability to access shared data. Before you lock down any of the server configurations...
