How to Set Up Shared Folders with NTFS Permissions in Windows Server 2025

Set up Shared folders with NTFS are essential in business environments where multiple users need to access, collaborate, and manage files securely. With Windows Server 2025, administrators — specifically only users with administrator privileges or members of the built in administrators group — can set up shared folders and control access using NTFS permissions.

The NTFS file system provides advanced access controls and underlying permissions so the file system enforces folder permissions and file-level permissions consistently whether content is accessed locally or via a file share. The operating system (Windows Server 2025) and the file server role together enable administrators to combine share permissions and NTFS permissions to provide the most restrictive permission effective on any given file or folder.

In this guide, we’ll walk you step by step through how to set up shared folders with NTFS permissions in Windows Server 2025 using Server Manager, explain share permissions versus NTFS permissions, and show best practice controls for restricting access and appropriate access assignment.

Getting Started: Accessing Server Manager

Logging into Windows Server 2025

Begin by logging into your server using your Windows logon credentials and a valid user account. If you’re preparing a new build, verify hardware compatibility in the Windows Server hardware requirements guide. After you sign in, open Server Manager to manage roles, the file server role, and storage. If users need to gain access from a remote system or from a client, ensure their account and group memberships are correct.

Finding Server Manager

If Server Manager isn’t already open:

Click the Start menu
Search for “Server Manager”
Double-click to launch it

Navigating to File and Storage Services

In Server Manager, use the left-hand navigation pane. Select File and Storage Services, then click Shares. The Shares tab lists existing file shares and shared folders and lets you create a new file share or modify properties for a shared folder.

Creating a New Share

Using the New Share Wizard

Click Tasks > New Share to launch the New Share Wizard. The wizard guides you through share creation and provides options for advanced sharing and granular control over share permissions and NTFS permissions.

Choosing the SMB Share Quick Option

By default, Windows selects SMB Share – Quick, the fastest way to provision a basic file share. For greater control, choose SMB Share – Advanced, which exposes extra settings for share permissions, offline caching, and access-based enumeration.

Alternative Share Types

Other options include:

SMB Share – Advanced: good when you need specific share permissions and more options
SMB Share – Applications: optimized for Hyper-V or SQL
NFS Share: for UNIX/Linux clients

Selecting a Custom Path for the Shared Folder

Creating a New Folder (Demo-Data Example)

You can share an entire volume or create a custom folder. In this tutorial we create a data folder called demo-data on the C: drive. Plan your folder structure ahead of time: a clear folder structure makes folder permissions and NTFS permissions easier to manage.

Configuring Share Settings

Access-Based Enumeration

Enable access-based enumeration so users only see files and folders they have permission to view. It’s a best practice that improves usability and protects data.

Offline Caching, BranchCache and SMB Encryption

Allow caching for offline files if required. For distributed offices, BranchCache or Azure File Sync integration can improve performance. Newer trends also favor enabling SMB encryption and SMB signing to protect data in transit across the network, especially when network connections traverse untrusted segments.

Encryption Options and Data Protection

Enable BitLocker encryption on the share or rely on NTFS-level protection for sensitive data. Consider Microsoft Defender and DLP integrations for file classification and protection when files are stored or replicated to cloud services. Aslo check our article on Top security features in Windows

Setting NTFS Permissions

Understanding Share Permissions vs NTFS Permissions

Share permissions apply to access through a file share over the network. NTFS permissions apply at the file system level — the NTFS file system enforces read, write and modify rights when files and folders are accessed locally or remotely. When both types apply, the most restrictive permission wins. For example, if share permissions allow Full Control but underlying NTFS permissions restrict delete files, the user cannot delete files.

Default Permissions and Everyone Group

By default, a new file share may include the Everyone group with Full Control on the share. For secure deployments remove the Everyone group and set only permissions for specific groups or individual users. Use authenticated users carefully and prefer role-based security groups.

Disable Inheritance and Clean Up

If required, disable inheritance on the security tab and convert inherited permissions into explicit entries. Remove unnecessary groups such as Authenticated Users and replace them with security groups (for example, Marketing). Group-based assignments reduce administrative overhead and make audits easier.

Adding Security Groups and Built-in Groups

Create new group objects or use existing groups. Assign folder permissions to groups rather than individual users. Include the built in administrators group for emergency access, and use service accounts or Managed Service Accounts for application access.

Customizing Folder and File Permissions

Use granular control: give List Folder Contents to support file navigation, Read Access for general viewers, and Modify or Full Control only where needed. If you must restrict access or restrict access to delete files, explicitly deny Delete or remove Delete Subfolders and Files. Click Properties > Security tab and click Edit to set NTFS permissions, or use Advanced to set specific allow/deny entries and audit settings.

Setting Share Permissions

Set share permissions from the Sharing tab or via Advanced sharing. Click Permissions on the sharing tab, then click Edit to set share permissions. Remember that the effective rights when accessing the file share are the intersection of share permissions and NTFS permissions; test with a member of the target group to verify final access.

Finalizing the Share Setup

Review the share name, path, and both share permissions and NTFS permissions before creating the share. Click Create in the wizard and confirm the new file share appears under Shares in Server Manager. Map the file share on a client with a drive letter if desired.

Testing the Shared Folder on a Client Machine

If you map or access shares through Remote Desktop, see our walkthrough on how to activate Remote Desktop Services (RDS) on Windows Server 2025.

Accessing via UNC Path

On a client machine (e.g., Windows 11), press Windows + R and enter the UNC path or paste the UNC path into Windows Explorer:

\ServerName\ShareName

Verify that list folder contents and read access behave as expected for users.

Verifying Permissions as a Group Member

Ensure the user is a member of the correct group and can gain access. If a user cannot create files, check whether Create Files / Write Data and Create Folders / Append Data are allowed in NTFS permissions.

Troubleshooting Permission Issues

If users can’t create, modify, or delete files:

Check both share permissions and NTFS permissions
Verify membership in the correct groups
Check the properties window and click Permissions and click Edit to inspect entries
Review the server security event log for failed access events (configure the firewall on Windows Server 2025)
Confirm whether files are accessed locally or via the network — different rules may apply

Best Practices for Shared Folders with NTFS in Windows Server 2025

Naming Conventions and Folder Organization

Use hyphens instead of spaces (e.g., HR-Docs, Finance-Reports)
Keep folder names descriptive for easier management and reporting

Security and Least-Privilege Control

Assign permissions to groups (not individual users)
Apply least privilege with the most restrictive permission approach
Regularly audit and remove stale accounts

Management and Monitoring

Schedule permission audits quarterly
Use centralized group management for data folder governance
Consider Azure File Sync for hybrid replication and modern data management

Other Practical Tips

Avoid sharing entire drives; prefer folder level shares
Use access-based enumeration to hide files users shouldn’t see
Document folder structure, share permissions, and NTFS permissions for operations and compliance

Trends and Modern Considerations

When planning an upgrade or migration, review licensing options — see how to choose the best licensing option for your business.

Zero Trust and least-privilege frameworks are increasingly applied to file servers
Integration with Entra ID and Azure File Sync enables hybrid file services and centralized identity
SMB encryption and DLP integrations are recommended for sensitive data
Automation and IaC tools (PowerShell, Desired State Configuration) help enforce consistent permissions across file shares

Setting up shared folders with NTFS permissions on Windows Server 2025 is straightforward with the New Share Wizard and Server Manager. By combining appropriate share permissions with NTFS permissions, applying group-based access, and testing access from client computers, you can secure your file share environment while enabling collaboration.

Want to learn more about Windows Server best practices? Check out the official Microsoft documentation. Server product catalog

FAQs About NTFS Permissions and Shared Folders

Q1: What’s the difference between share permissions and NTFS permissions?
Share permissions control network access to a file share; NTFS permissions control access at the file system level for files and folders. NTFS permissions are more granular. To set NTFS permissions, right click the folder in Windows Explorer, click Properties, then open the Security tab and click Edit to configure permissions or Advanced for fine-grained control.

Q2: Can I share an entire drive instead of a folder?
Technically yes, but it’s a poor practice for security. Share specific folders instead to limit exposure.

Q3: What is access-based enumeration?
Access-based enumeration hides files and folders users don’t have permission to view, improving usability and reducing accidental exposure.

Q4: Should I assign permissions to users or groups?
Assign to groups. This simplifies management and reduces errors. Create a new group per function (example: Finance-Editors) and give that group appropriate access.

Q5: Why can’t my user create files even though they’re in the correct group?
Check whether Create Files / Write Data and Create Folders / Append Data are present in the NTFS permissions and also verify the share permissions on the file share.

Q6: Do I need BranchCache or Azure File Sync enabled for offline files?
No, but enabling BranchCache for distributed offices or using Azure File Sync for hybrid scenarios improves performance and sync capability for remote users.

Post Views: 2

indigosoftwarecompany

See Full Bio

Indigo Software is a great place to go for software at a reasonable price. Their customer service is top notch and I highly recommend them to anyone.

Dave Kester

15:56 05 Sep 24

Great company for purchasing software at a very reasonable price. They provided me with excellent support getting the apps I purchased from them transferred to my new computer.

Betty Allman

20:29 03 Sep 24

I always go to Indigo SoftwRe for my Microsoft Office purchases, I haven't found a better price anywhere. What I didn't know is that they have awesome customer service. I had an issue with my computer and needed to... reinstall my software. I wasn't sure how to do that so I reached out to Indigo. They quickly responded with a video which provided a simple solution. I was back to work in minutes. Thank you Indigo for simplifying my life!read more

deb

00:01 24 Aug 24

I needed the Microsoft Office program on my Mac. When I purchased Indigo's product, I had several issues downloading and installing the program. However, when I reached out to the good people at Indigo, they went... above and beyond in helping me through all the steps needed in order to get the program up and running. I am beyond pleased with their expertise, knowledge, and the constant reaching out to me during the process! I've not seen a company care so much about their customers. Refreshing to see such professionalism! I would definitely recommend them for their products and services! Five stars to Indigo!read more

Melanie Koehler

21:33 16 Aug 24

Indigo is incredible!!! They have genuine Microsoft Suite products at a fraction of the price. In addition, the customer service is top notch!! Highly recommend!!!

Jack Berk

20:25 20 Jun 24

Indigio Software company is a company I continuously return to. Customer Service is great and the product pricing is awesome. This is a veteran owned/run company and I believe in supporting whenever possible those who... serve and have served to give us the Freedoms we love and hold dear. Thank you Indigo Software company. I refer anyone who wants a company that truley cares about their customers and want to support veterans!read more

Suzanne Ellis

18:54 18 Jun 24

I’m thankful I found Indigo Software. Over the last few years, I’ve purchased their Microsoft Office Professional software suite for three different home computers. I don't understand why everyone does not purchase... their Microsoft Office programs thru Indigo Software. They are economical and provide great, responsive Customer Service!read more

Russ Pilcher

13:59 07 May 24

I purchased a couple of licenses for Windows 10 over the years and 1 license for Office Pro 2019. I dumped one of my older laptops where Office Pro 2019 was installed and purchased a new laptop. Unfortunately, I... could not activate the Office Pro 2019 on my new laptop. I reached out to Indigo and they provided me a new legitimate activation code which I successfully registered in my Microsoft online account. I was then able to re-install on my new laptop without issue and fully activated and recognized as legitimate MS software.read more

John Benson

02:55 25 Apr 24

They have amazing customer service. I accidentally ordered the wrong item and then email them about my mistake. They were very quick to cancel my original order and refund the cost so I could easily order what I... actually wanted. The refund credited quickly to my credit card so there was no financial impact or delay.They have an excellent video to a company the order which made it very simple and easy to download and install.I am so happy to see that there are companies out there that still know what true customer service is.read more

elika

17:14 31 Jan 24

I purchased Office from Indigo some time ago, but in the aftermath of upgrading my PC's CPU and upgrading to Windows 11, the license was lost/deleted/corrupted/removed and my Office was deemed an unlicensed copy (with... the corresponding warnings from Microsoft.) The Team Indigo Helpdesk was (unlike some other "helpdesks") very helpful, resolving my issues promptly, even on a weekend. One may purchase productivity software from many sources, but they stand behind their service. Thank you Indigo. I feel comfortable in recommending your service to anyone at any time.read more

Sid Wood

18:01 28 Jan 24

I've dealt with several software vendors in the past, but I can truly say that Indigo has exceeded my expectations. Not only are the prices fantastic (for LEGITIMATE Sftwr and Keys), but the response, and follow-up are... amazing. I purchased software on behalf of a non-profit, and they handled the tax-exempt status without any issue. Then when I bought Software for myself, somehow my email was 'linked' to that non-profit entity. Indigo responded incredibly fast and cleared it up. All this, while providing valid keys which activated without issue.I'm very happy with Indigo Software and will continue to use them as a valuable Software resource!read more

Tbne3618

14:14 28 Jan 24

I am a Veteran disabled from a stroke , and built a New pc as therapy for my hand from components given to me as a gift, however I was having issues with my fresh new windows 10 Pro. Install and activation, 2 days... working on the issue ,and After hours on the phone with Microsoft support ,even they could not Resolve the Issue. I came upon the Indigo software website by accident. And thought I would send an email with my dilemma. It was late here on the east coast. I was very surprised in less than 1 hour I had received an email. With some instructions as to what I should look for. Emailed back a few screenshots of the errors. And 2 emails later. Within 1 hour . I was fully up and running. Issue was resolved. Not sure if I should mention a name, but I want to thank Michael of the Team Indigo Software Helpdesk ,,and company for resolving the issue. I highly recommend Indigo software for your Microsoft software needs. And their support is beyond fantastic. Please. Support this company. You cannot go wrong.Veteran owned business.Semper FiNeal Newmanread more

Neal Newman

18:09 23 Jan 24

We've been purchasing software for several years now and really appreciate the great service and quality of Indigo Software Company. Their prices are very affordable and we've never had an issue with any software we've... purchased. Look forward to another great year as our software needs arise!read more

Eagle Medical Inc

17:36 22 Jan 24

I could have bought Office 2021 from another company cheaper but didn't so glad I paid more had issues with download and the support from Joe and Jenna was awesome. You get what u pay for so spend the extra money and go... with Indigo. I've used multiple times and they have never let me down.read more

Herbert Cumbaa

15:55 26 Jul 22

Outstanding! Fair Price for Product! (Office Professional Plus 2016) Received Install Codes Immediately after Purchase! Processed Perfectly with Microsoft! Wanted Legit Software for Our Church! Will Use Again!... A+A+A+A+A+A+A+A+A+A+A+read more

Allan Drake

20:51 16 Jul 22

Asked for two activations for office 2019 professional I bought two times. Microsoft says since I updated to win 11 the code provided is not a good code on either computer. Indigo sent me both replacement codes. I... also sent in a form on your website with my phone number.read more

Bob S

14:13 20 Jun 22

I purchased MS Office 2019 for my new computer in 2021. The Install went well and all was good. A little over a year later Outlook stopped being able to sign into the Comcast email. Talking to Comcast tech after several... different trials we found by deleting the Comcast account and reinstalling it fixed the problem. About a month later the problem happen again. The delete and recreate the account trick did not work. Comcast indicated it was a MS Outlook problem since my iPhone that uses the same interface and the webmail portal all worked with the account. I then contacted Indigo about the issue. I got an email the next day asking for the order #. A few days later a email with YouTube video links on how to setup the Office software. I replied with a second more in depth description of what had been tried to resolve the issue. I have not heard from them in a week now. I can't imagine someone dealing with this lack of responce if their business depended upon it. Fortunetly for me, it is just for home use. The problem may not be MS Outlook, but you have to be able to get the support / knowledgebase to work thru to the solution.Edit: As soon as I checked my email, Indego had responded with a proceedure to reinstall Office and make sure no other office products were installed. It worked and Office is resyncing with the email account now.read more

Sidney Ruetz

21:03 19 May 22

Best software purchasing experience bar none. Excellent prices and installation was painless and flawless. I needed both Windows 10 and Microsoft office. I saved a lot of money. You can't go wrong here!!!

Dito Dalawa

15:15 24 Dec 21