Grant-SmbClientAccessToServer
Allow access to a computer or set of computers for SMB over QUIC's client access control feature on an SMB Server.
Syntax
Grant-SmbClientAccessToServer
[-Name] <String[]>
-IdentifierType <IdentifierType>
-Identifier <String>
[-Description <String>]
[-Force]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Grant-SmbClientAccessToServer
-InputObject <CimInstance[]>
-IdentifierType <IdentifierType>
-Identifier <String>
[-Description <String>]
[-Force]
[-CimSession <CimSession[]>]
[-ThrottleLimit <Int32>]
[-AsJob]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Grant-SmbClientAccessToServer cmdlet is used to allow SMB clients to access a specified
server. When you run this cmdlet, it'll add a new rule to the server's firewall to allow incoming
SMB traffic from the specified client IP address. If you need to revoke access to the server in the
future, you can use the Revoke-SmbClientAccessToServer cmdlet.
Examples
Example 1: Grant SMB client access to a server
$params = @{
Name = "Server01"
IdentifierType = "ISSUER"
Identifier = "CN=MyCertificateIssuer"
Description = "Allow access from client for LabSvr"
Force = $true
}
Grant-SmbClientAccessToServer @paramsThis example grants SMB client access to a server named Server01 based on the client's
certificate. The Description parameter is used to provide a description of the rule being added
to the server's firewall. This command runs without prompting for confirmation.
Parameters
-AsJob
Runs the cmdlet as a background job. Use this parameter to run commands that take a long time to complete.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-CimSession
Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.
| Type: | CimSession[] |
| Aliases: | Session |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
Used to provide a description of the rule being added to the server's firewall when you use the
Grant-SmbClientAccessToServer cmdlet. This can be useful if you need to keep track of which
clients have been granted access to a server, or if you need to provide additional information
about the rule for documentation purposes.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Identifier
Specifies the identity of the client that is being granted access to the SMB server. This parameter takes a string value that represents the identity of the client. The format of the string value will depend on the IdentifierType parameter that you're using.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IdentifierType
Specifies the type of identifier that you're using to identify a client. The valid values for the IdentifierType parameter are:
- SHA256
- ISSUER
If you're using the SHA256 identifier type, you're specifying a hash value that uniquely
identifies the client. If you're using the ISSUER identifier type, you're specifying the issuer
of the client's certificate.
| Type: | IdentifierType |
| Accepted values: | SHA256, ISSUER |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
Specifies the input object that's used in a pipeline command.
| Type: | CimInstance[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Name
Specifies a fully-qualified DNS name or NetBIOS name that must match the certificate's subject name or an entry in the certificate's subject alternative names.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-ThrottleLimit
Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If
this parameter is omitted or a value of 0 is entered, then Windows PowerShell calculates an
optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the
computer.
The throttle limit applies only to the current cmdlet, not to the session or to the computer.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet isn't run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
String[]