By default, Foldr respects the underlying permissions already in place on the backend file server. NOTE – It is only possible to override a user’s SMB share access permissions if a service account is configured in Foldr Settings > Files & Storage and the ‘use service account for all access’ toggle is enabled under the Access tab.
If a user logs into Foldr and can unexpectedly access a shares that they shouldn’t have access to, then the security permissions / ACLs on the file server are incorrectly configured. The recommended action in this case would be to correctly configure the backend permissions on the file server itself.
However, if for any reason you’re unable to correct the permissions on the backend file server you can use the Permissions feature within Foldr Settings > Files & Storage > Edit-Share > Access tab to configure granular permissions to deny access to Active Directory users and groups as required. It is important to remove the built-in Foldr Users group and replace with Active Directory domain users / groups assigned Read and Write permissions as required.
All Foldr permissions apply to the entire share, sub folder perimssions are not available here.