This tutorial describes the steps required to establish Windows File Sharing without a domain for small teams that only need to grant access to a handful of end users. This configuration allows migration away from Active Directory (AD) while maintaining established workflows by taking advantage of Integrated Windows authentication and local groups. This approach reduces IT overheads and adds convenience for the user while providing modern authentication solutions including Push MFA and Conditional Access.
- Have a JumpCloud account
- Deploy agents on your server and workstations
- Workstations don’t need to be professional editions of Windows
- Add devices to JumpCloud and link users to the device
- Have a local file server
- Make sure NTLM is not disabled
- Know your local usernames
- Accessing files outside of your network will not be possible without a VPN, just like when using a file server with Active Directory.
In this configuration, JumpCloud assumes the role of Active Directory by synchronizing accounts on all devices. IT departments do not need any knowledge of user account passwords for this setup because JumpCloud provides the same credentials on all server resources. Windows NTLM authentication only requires that the same user name and password reside on each file server, which is exactly what the JumpCloud agent provides.
Then, JumpCloud transfers the local group assignments and rights to each shared folder on the file server. This is made possible by the “Orders” role in device management. Each command requires an executor (superuser) and a device group target or individual devices. The commands include a Results tab which will display all error messages.
PowerShell commands to establish your shares
Please note that this command will not work if the Windows PowerShell checkbox is not selected.
The result will be a local group created on your file server as shown below in the computer management interface.
The next step is to add members to the group so that they can collaborate.
- Add users to the local group: (after user creation in JumpCloud)
This step will need to be repeated for each user for the target Windows devices. You (Read more…)