How to share just one (1) folder via SMB and nothing else under macOS Sonoma?

[MarcTremblay]

Hi, first time here. Does anybody know exactly (step by step) how to share ONE (1) folder via SMB and nothing else when you're under macOS Sonoma? Whenever I enable File Sharing ("Allow full disk access for all users" is set to OFF) then macOS shares ALL MY DRIVES WITH ALL MY FILES (100% OF MY COMPUTER) over SMB. This includes Macintosh HD with all my system files, etc... like WTF? I want all other computers on my network to have read/write access to just one specific folder and nothing else, and certainly nothing in my boot partition.

Under macOS "Users & Groups" I have tried creating a dedicated user (set to "Sharing Only") which looks like what I need in order not to share all my drives, because for some reason, modern macOS thinks that if you sign in using an administrator account, then it needs to share every single drive, folder and file that this computer can see. I've been investigating this for a few weeks now and it just doesn't work with a "Sharing Only" user, probably because I missed something somewhere, but I can't find what. Please guide me from start to end to fix this horrendous security issue

I tried posting this over on the official Apple Community forum and nobody replied so I'm trying my luck here.

 

[TonyAguila]

Hi, first time here. Does anybody know exactly (step by step) how to share ONE (1) folder via SMB and nothing else when you're under macOS Sonoma? Whenever I enable File Sharing ("Allow full disk access for all users" is set to OFF) then macOS shares ALL MY DRIVES WITH ALL MY FILES (100% OF MY COMPUTER) over SMB. This includes Macintosh HD with all my system files, etc... like WTF? I want all other computers on my network to have read/write access to just one specific folder and nothing else, and certainly nothing in my boot partition.

Under macOS "Users & Groups" I have tried creating a dedicated user (set to "Sharing Only") which looks like what I need in order not to share all my drives, because for some reason, modern macOS thinks that if you sign in using an administrator account, then it needs to share every single drive, folder and file that this computer can see. I've been investigating this for a few weeks now and it just doesn't work with a "Sharing Only" user, probably because I missed something somewhere, but I can't find what. Please guide me from start to end to fix this horrendous security issue

I tried posting this over on the official Apple Community forum and nobody replied so I'm trying my luck here.

Okay, you might have missed a step along the way. From start, let’s try this:

System Settings -> General -> Sharing -> File Sharing (turn this ON and click the circled “i”). Next window will show File Sharing On. DO NOT turn on “Allow full disk access…” and click Options… (bottom left). SMB sharing will open. Turn on “Share files … using SMB.”

Click Done. In the Shared Folders panel click on “+” and navigate to the folder you want to share. Select it and highlight it in the pane. The right pane will show you the list of users and you can adjust settings for each one’s access (much like in the permissions section of Get Info.) That should do it. If it’s still wonky after all this, there must be some damage to your system. You may want to reinstall macOS.

 

[MarcTremblay]

It's already 100% like what you described and as stated, SMB will show ALL my drives on every computer on the network and users can read, write and even DELETE every single file and folder on my entire Mac's file system. They have read/write access to all my external drives as well.

I thought that perhaps it's because the SMB username is the same as my local username on my Mac (I'm an admin on my Mac) so I tried to add a new "Sharing Only" user "test" with password "1234" and although my Mac lists it as one of the added users for my shared folder, there was no Windows machine capable of connecting to my SMB share with those credentials.

Then I thought that perhaps "Sharing Only" users are meant for something entirely different, so I went ahead and created a "Standard User" and added it to the shared folder's list of users. No Windows machine could connect to the SMB share with that kind of macOS user either.

It looks like macOS Sonoma SMB shares are excessively broken. Anybody knows or am I the only macOS Sonoma user around here?

 

[MarcTremblay]

I finally figured it out. Both your and Apple's instructions were lacking an essential step (at least for my W10 computers to be able to connect to my SMB share).

*** For poor, hairless souls coming here to find a solution to the same issue, PLEASE NOTE that you may have to reboot your Mac after creating a new "Sharing Only" or "Standard" user in macOS settings before doing this:

After adding a new user in macOS System Settings > Users & Groups, I had to go to macOS System Settings > File Sharing > Options, then I had to tick the "On" checkbox next to that new user I just created. So in my case above, I had to tick the checkbox next to "test".

Nowhere in Apple's instructions is this mentioned. They make it look like we only have to add the user to the "Users" column in File Sharing for the folder we want to share, but this only serves the purpose of explaining the read/write permissions for this user to this folder to macOS. It's not even solely SMB related. It's really macOS related. The essential step above in bold is what enables the username/password when connecting using SMB. Without that, macOS just says bad password and refuses the SMB connection.

I HOPE IT HELPS OTHER MAC USERS. Now I only have that one very specific folder shared AND NOTHING ELSE.

 

[TonyAguila]

Interesting that in detailing those steps I enumerated, I followed them myself and I didn’t have to resort to adding another user, probably because I already had two. Anyway, just for info to Mac users here, I finally discovered that, after a long while of struggling with Sonoma issues for months, the latest beta update, macOS 14.3 beta 2 (23D5043d), seems to have solved most of them. But not all.

 

[MarcTremblay]

I'm so glad that you've posted this, as I also have other issues with Sonoma and I cannot downgrade due to my Mac being brand new. I'm looking forward to 14.3 stable to apply the update and see if it fixes the random mouse hover cursor glitch when you right-click or when you switch between apps.

 

[TonyAguila]

I'm so glad that you've posted this, as I also have other issues with Sonoma and I cannot downgrade due to my Mac being brand new. I'm looking forward to 14.3 stable to apply the update and see if it fixes the random mouse hover cursor glitch when you right-click or when you switch between apps.

What version of Sonoma are you running? If you haven’t upgraded to the latest version, 14.2.1 (23C71), it’s at least not as bad as 14.2.