Starting with FortiOS v7.0.4 and FortiClient v7.0.3, it is possible to leverage ZTNA TCP Forwarding Access Proxy rules to connect to a file share remotely without the need for a VPN connection.

Reviewing the following document may be helpful to better understand the ZTNA components.

Zero Trust Network Access introduction

Configuration Steps.

The same steps can be used from other TCP Forwarding configuration examples as per the administration guide link below.

The only difference is that the port used for SMB is 445.

ZTNA TCP forwarding access proxy example

Note.

Starting with FortiClient EMS v7.0.3, ZTNA Connection Rules can also be created via GUI rather than only via XML files.
ZTNA Connection Rules

It is common to map network drives using the file server name. This can also be done starting with FortiClient v7.0.3, which supports FQDN-based ZTNA TCP forwarding services as per the documentation below.

FortiClient configuration:

FQDN-based ZTNA TCP forwarding services

FortiGate configuration:

ZTNA TCP forwarding access proxy with FQDN example

ZTNA with wildcard FQDN-based lookups can also be done starting with FortiClient v7.2.0 and above:

FortiClient configuration: 
Wildcard support for ZTNA FQDN rules | FortiClient 7.2.0 | Fortinet Document Library

File share can be accessed directly if the full path is known or it can be mapped to a network drive by browsing the file server tree.

In the examples below, 'rds1.colombas.lab' is the private address/real server, and '192.168.10.43' is the external IP address of this FortiGate.

Direct access with full path for file share via the 'run' shortcut or 'File Explorer'.

Mapping a network drive.