Docs / Windows Server / How to Set Up a File Server on Windows

How to Set Up a File Server on Windows

By Admin · Mar 2, 2026 · Updated Apr 23, 2026 · 26 views · 3 min read

How to Set Up a File Server on Windows

A Windows file server provides centralized file storage and sharing using SMB (Server Message Block) protocol. Setting up a file server on your Kazepute Breeze allows you to share files and folders across your network with granular access control. This guide covers the full setup from role installation to permission management.

Prerequisites

  • A Kazepute Breeze running Windows Server 2019 or 2022
  • Administrator access
  • Adequate disk space for shared files

Step 1: Install the File Server Role

# Install File Server role
Install-WindowsFeature -Name FS-FileServer -IncludeManagementTools

# Install additional useful features
Install-WindowsFeature -Name FS-Resource-Manager  # File Server Resource Manager (quotas, screens)
Install-WindowsFeature -Name FS-DFS-Namespace      # DFS Namespaces (optional)

# Verify installation
Get-WindowsFeature FS-* | Where-Object Installed -eq $true

Step 2: Create Folder Structure

Organize your shared folders with a logical structure:

# Create the base data directory
New-Item -Path "D:\Shares" -ItemType Directory
New-Item -Path "D:\Shares\Documents" -ItemType Directory
New-Item -Path "D:\Shares\Projects" -ItemType Directory
New-Item -Path "D:\Shares\Public" -ItemType Directory
New-Item -Path "D:\Shares\IT" -ItemType Directory

Step 3: Create SMB Shares

# Create a shared folder
New-SmbShare -Name "Documents" -Path "D:\Shares\Documents" -Description "Company Documents" -FullAccess "Administrators" -ChangeAccess "Domain Users"

# Create a read-only public share
New-SmbShare -Name "Public" -Path "D:\Shares\Public" -Description "Public Resources" -ReadAccess "Everyone"

# Create a restricted share
New-SmbShare -Name "IT" -Path "D:\Shares\IT" -Description "IT Department" -FullAccess "IT-Admins" -NoAccess "Everyone"

# List all shares
Get-SmbShare | Format-Table Name, Path, Description

Step 4: Configure NTFS Permissions

Set granular NTFS permissions on your folders:

# Remove inherited permissions and set explicit ones
$acl = Get-Acl "D:\Shares\Documents"

# Disable inheritance and remove inherited rules
$acl.SetAccessRuleProtection($true, $false)

# Add administrator full control
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators", "FullControl", "ContainerInherit,ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)

# Add users modify access
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule("Domain Users", "Modify", "ContainerInherit,ObjectInherit", "None", "Allow")
$acl.AddAccessRule($rule)

# Apply the ACL
Set-Acl "D:\Shares\Documents" $acl

Step 5: Enable Access-Based Enumeration

Hide folders that users do not have permission to access:

# Enable ABE on a share
Set-SmbShare -Name "Documents" -FolderEnumerationMode AccessBased -Force

# Verify ABE setting
Get-SmbShare -Name "Documents" | Select-Object Name, FolderEnumerationMode

Step 6: Configure Quotas (Optional)

Manage disk usage with File Server Resource Manager quotas:

# Create a quota template (5 GB limit)
New-FsrmQuotaTemplate -Name "5GB Limit" -Size 5GB -Description "5 GB hard limit" -Threshold (New-FsrmQuotaThreshold -Percentage 85 -Action (New-FsrmAction -Type Event -EventType Warning -Body "Share usage at 85%"))

# Apply quota to a share
New-FsrmQuota -Path "D:\Shares\Documents" -Template "5GB Limit"

# View quota status
Get-FsrmQuota | Format-Table Path, Size, Usage

Step 7: Map Drives on Client Machines

Connect to the share from client machines:

# Map a network drive (on the client)
New-PSDrive -Name "S" -PSProvider FileSystem -Root "\\YOUR_BREEZE_IP\Documents" -Persist

# Or via net use
net use S: \\YOUR_BREEZE_IP\Documents /persistent:yes

Monitoring and Maintenance

# View open files
Get-SmbOpenFile | Format-Table ClientComputerName, Path

# View current sessions
Get-SmbSession | Format-Table ClientComputerName, ClientUserName, NumOpens

# Close all open files on a share (use with caution)
Close-SmbSession -Force

Best Practices

  • Always set both share permissions and NTFS permissions — the most restrictive permission wins.
  • Use security groups instead of individual user accounts for permission management.
  • Enable access-based enumeration to improve security and reduce confusion.
  • Implement quotas to prevent any single user or department from consuming all disk space.
  • Enable shadow copies (Volume Shadow Copy Service) so users can recover previous versions of files.
  • Regularly audit share permissions and access logs.

Was this article helpful?

Related Articles