How can I map a drive to my Azure storage?

Jim 271 Reputation points
2022-11-16T15:44:13.337+00:00

I've created file storage on Azure that I want to map a drive to (Windows 11, latest updates). I found this PS script on the MS site to do it:

$connectTestResult = Test-NetConnection -ComputerName server.windows.net -Port 445
if ($connectTestResult.TcpTestSucceeded) {
# Save the password so the drive will persist on reboot
cmd.exe /C "cmdkey /add:"server.windows.net" /user:"localhost\zdrive" /pass:"Wk5fE7lPIPtHgGE0bAZGv7urlQjY+YLzkKZ0i+lDhZ7+Zkus2SaiAMq08lT+AStSF/73w==""
# Mount the drive
New-PSDrive -Name Y -PSProvider FileSystem -Root "\server.windows.net\gdrive" -Persist
} else {
Write-Error -Message "Unable to reach the Azure storage account via port 445. Check to make sure your organization or ISP is not blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a different port."
}

Using the first command to test this:
$connectTestResult = Test-NetConnection -server.windows.net -Port 445

I get the following:
WARNING: TCP connect to (1.0.1.1 : 445) failed
WARNING: Ping to 1.0.1.1 failed with status: TimedOut

I turned off Windows Firewall
Opened 445 on my Eero router.

Same thing, no joy.

I have tried this from our on prem server, same results.

I guess the question is, is this the only way? I ultimately want to get rid of the on prem server and move all the files on our one company share to Azure and move the pointer that the drive mapping uses to point there in order to minimize user confusion. But if I need to go through all kinds of hoops to get it working on everybody's laptop then it just isn't worth it. We are a 365 tenant if that helps at all.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,156 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,668 questions
0 comments

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vasileios Dionysopoulos 456 Reputation points
    2022-11-16T17:45:23.27+00:00

    Hello,

    You have to create:
    a) a blob storage
    b) a container
    c) a file share
    d) in the three ... (Connect)
    Follow the instructions for windows
    261029-image.png

    261008-image.png

    As a result:
    261101-image.png

    I hope I help... :)

    0 comments
  2. Jim 271 Reputation points
    2022-11-16T21:17:31.687+00:00

    Thank you. But the problem is Port 445. Not one system I have tried this from can use that port. As I said, my firewall is turned off (for testing) and I still can't connect via that port. I guess I need to look at the VPN stuff.

    0 comments
  3. Jim 271 Reputation points
    2022-11-16T22:05:17.927+00:00

    You know, the more I dig into this the more confusing it gets. Now I need to set up some kind of VPN to get to the storage, which, when I think about it, seems right. Let me expalin our current set up and what I envision us moving to.

    Server 2012. Domain Controller, Active directory, ~40 users, File/print sharing. Office 365 small business tenant for email. The server is reaching end-of-life and I need to either buy a new one and migrate to it or go to the cloud. I like the latter option for an array of reasons.

    So, my fantasy would be Azure Active directory where users log into their laptops with their email. They have an Azure file share that replaces their current I: drive that points to the on prem server. Not sure what we do with the printers, but they are all network based so I can deal with that.

    So no more domain controller, no more Active Directory (local) to maintain. One login (365) does it all. I can't be the first to do this, so I'm looking for a plan out there so I don't reinvent the wheel.

    Should I just use our current model and replicate it in the cloud? That is, build a virtual server, create the share, migrate our AD to it, create a VPN to connect to it that every body has on their laptops? Would that be the way to go and how? Acturally, now that I write this I realize we already have the users up there via 365, it would just be replicating the rights on the shares I need to do.

    Anyway, any pointers would be appreciated.

    0 comments
  4. Carlos Solís Salazar 16,351 Reputation points
    2022-11-17T12:50:28.207+00:00

    Hi @Jim

    Thank you for asking this question on the **Microsoft Q&A Platform. **

    Reading your initial question and the following comments, the are some technical points that I would like to share with you:

    Azure File Share

    • If you connect to an Azure File Share through the internet, you must be able to connect to port 445 in your file storage URL. If the command Test-NetConnection -server.windows.net -Port 445 gives you an error, you must fix your communication problem. Also, check your Azure Storage firewalls
    • If you want to connect through VPN to your Azure File Share, you must Use private endpoints for Azure Storage and depending on your kind of VPN it is possible that you'll require to Create conditional forwarders to be able to work with the DNS name of the storage account.

    Another technology that you can consider is to use SharePoint Online (For sharing documents) and OneDrive (For personal documents) It will be easier to administrate the document and you will be able to use Data Loss Prevention and other documents security tools built-in in Microsoft 365.

    Hope this helps!

    ----------

    Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
    NOTE: To answer you as quickly as possible, please mention me in your reply.