Enable SMBv3 Encryption using PowerShell

End-to-end encryption of SMB sessions was introduced in version 3 of the Server Message Block protocol (SMBv3). Windows allows you to configure encryption for all shares or just specific shares.
One disadvantage is that the communication will only be encrypted if both parties are running Windows 8 or Windows Server 2012.

To verify the encryption status you can use the following PowerShell command:

Get-SmbServerConfiguration | fl EncryptData

To enable the encryption of all SMBv3 sessions you can use the following PowerShell script:

Set-SmbServerConfiguration -EncryptData $true -Confirm:$false

 

 

Leave a comment

Your email address will not be published. Required fields are marked *

two × 1 =