Storage account needs to be joined to on-prem AD or Azure AD for controlling ACL's/NTFS firstly. ACL settings can be monitored or modified by checking on the file share properties(from private endpoint only file share can be accessible. on that the file share properties can be viewed, edited or modified.)
Better security with enhanced access control experience in Azure Files
Note:
- Azure File Sync preserves and replicates all discretionary ACLs, or DACLs, (whether Active Directory-based or local) to all server endpoints that it syncs to.
- You can enable Azure AD DS or on-premises AD DS authentication on a file share managed by Azure File Sync. Changes to the directory/file NTFS ACLs on local file servers will be tiered to Azure Files and vice-versa.
Learn how to configure Windows ACLs permissions for on-premises
Please let us know if you have any further queries. I’m happy to assist you further.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.