Share via

Intune policy to block the network sharing specifically SMB ports

Balasundaram Muthukumarasamy 0 Reputation points
2025-04-17T07:11:06.16+00:00

Hi all, kindly let me know if there were any Intune policy available to block the network drive sharing from local system access, specifically SMB port blocking.

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
2,062 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ishan Gupta 0 Reputation points
    2025-04-17T09:51:53.97+00:00

    Solution in Win 11/Win 10 all versions

    If you're looking for a more custom solution, you can deploy a PowerShell Script via Intune to disable or block SMB ports.

    Firstly Go to Windows-Powershell Scripts-then Add these scripts

    1. Disable SMBv1, SMBv2, and SMBv3 protocols (Optional)

    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force

    Set-SmbServerConfiguration -EnableSMB2Protocol $false -Force

    2 . Block SMB port (445)in Windows Firewall

    New-NetFirewallRule -DisplayName "Block SMB Port 445" -Direction Inbound -Protocol TCP -LocalPort 445 -Action Block

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.