Folder deleted in File Share Storage Account

michal 186 Reputation points
2022-10-19T10:20:25.117+00:00

Hello experts,

I have a File Share that I have to monitor some folders within it. There was a folder that was deleted few days ago - a one that should not be touched. Now, I'm trying to find out how to prevent that in the future. The file share is mapped to a server with Windows 2016 Server running on it.

  • is there a way to restrict deletion of a particular folders?
  • is there a way to trigger an alert when a folder is deleted?

I consider myself still a beginner with Azure and use Azure Portal usually.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,163 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,687 questions

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Carlos Solís Salazar 16,531 Reputation points
    2022-10-19T11:03:55.837+00:00

    Hi @michal

    Thank you for asking this question on the **Microsoft Q&A Platform. **

    is there a way to restrict deletion of a particular folders?

    It will depend how did you mapped out the file share, but:

    Azure Files supports the full set of basic and advanced Windows ACLs. You can view and configure Windows ACLs on directories and files in an Azure file share by connecting to the share and then using Windows File Explorer, running the Windows icacls command, or the Set-ACL command

    More info: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-configure-permissions

    is there a way to trigger an alert when a folder is deleted?

    For this activating the Monitoring Azure Files may be your best choice and monitoring the modifications
    251938-image.png

    Hope this helps!

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
    NOTE: To answer you as quickly as possible, please mention me in your reply.

  2. michal 186 Reputation points
    2022-11-14T11:41:43.093+00:00

    Hi @Carlos Solís Salazar

    I'm still struggling with this... Was trying to configure ACL on folder but cant figure it out.

    Just to recap:

    • share files are mapped as Network Locations
    • there many folders and 3 of those folders I MUST keep there and cannot be deleted as they are used with another tools
    • Sub folders and files can be deleted from those 3 protected folders
    • running Windows Server 2019 Enterprise (that runs on VM in Azure)

    I just can't figure out why they are deleted or how to protect them from deleting. When I try to add another user to permission list, I get an error - see attached picture.
    I've tried to enable Auditing on those folders but get the same issue as when adding a user to permission list.

    260154-image.png

    0 comments
  3. Sumarigo-MSFT 43,641 Reputation points Microsoft Employee
    2022-10-20T10:51:26.07+00:00

    @michal Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    • Azure Files offers soft delete for SMB file shares. Soft delete allows you to recover your file share when it is mistakenly deleted by an application or other storage account user. Refer to this article which provides detailed information on Prevent accidental deletion of Azure file shares
    • Accidental delete protection for Azure file shares using Azure Backup : To provide protection against cyberattacks or accidental deletion, Azure Backup has added one more level of security to the Azure file shares snapshot management solution by providing protection against the accidental or malicious deletion of backed-up file shares. Now, even if a malicious actor deletes the file share, the file share’s contents and recovery points (snapshots) are retained for a configurable retention period, allowing the successful and complete recovery of source contents and snapshots with no data loss.

    Is there a way to trigger an alert when a folder is deleted? Are you referring Azure File share file/folder? Or for complete Storage account?
    For Azure Fileshare we don't have that option for now! However you can monitor Azure files Read/Write/Delete/
    Azure File share is Alerts : Monitoring Azure Files

    How to create alerts for Azure Files

    252471-image.png

    Additional information: You can set alert for Blob storage(container) deletion and Alert when Storage account is deleted.

    252398-image.png

    If you have any additional questions or need further clarification, please let me know.

    ----------

    Please do not forget to 252379-accept-answer.png and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments
  4. michal 186 Reputation points
    2022-11-07T20:31:55.76+00:00

    Hi,

    thank you both... I will go through your advise and try to configure alerts at least. Been busy days :)

    I'm aware of Azure backup and snapshots for file shares. However, in my scenario, I have an app that is accessing the File Share and if that file share disappear, the app is failing. So it is not about restoring a file share.... but its about making sure that it is not deleted at all... or if it is, I'm notified via alert and can action it.

    So I need an alert when File Share is deleted (not storage account - I use lock to prevent deletion of storage account). So will have a look at Windows ACL to get familiar with it... and it could be a way to go.

    Btw, file share is mapped to Windows Server as "Network Location"

    0 comments