Authenticate against an Azure VM Windows File Server which is Azure AD Domain Services joined from an Azure AD joined Device

Nathanael Santschi 126 Reputation points
2022-12-06T14:00:38.917+00:00

I did the following test setup:

  • 1 Azure Active Directory Domain Services - Standard SKU
  • Windows Azure VM - domain joined to the Azure Active Directory Domain Services
  • Configured a File Share on this Azure VM and added an AD Group with Share Full Control Permissions
  • 1 Azure AD Joined Windows 10 Machine

Then I tried to open this File Share from the Azure AD Joined Windows 10 Machine. The user which I use for login is in the permission group for the share.
What happens when I browse this File Share:

  • A login prompt appears -> I'm able to log in to the share with my Azure AD User on this Azure AD Joined Device, but only if I log in explicitly. NO SSO to this Share
    Is this a default restriction from Azure AD Domain Services?
    This seems to work if a Windows Server is joined to a Self Managed Active Directory Domain. I'm able to open up a Windows File Share without the need to log in again.