how to move on premises file servers to azure

Ernesto H 20 Reputation points
2023-01-31T20:11:33.07+00:00

hi everyone,

I am looking for some help to come up with the best approach to move 3 on-premises file servers to an existing azure subscription.

current on-premises setup

I have 3 on-premises windows file servers 2012r2 vcenter vms with multiple file shares that are mapped to end users' laptops at logon by GPOs and local DCs and ADConnect.

current azure setup

I have an azure subscription with several resources such VNet, NSGs, site-to-site VPN (from on-premises to azure), Azure Files sync, DCs, etc.

my approach

would be to create one azure VM and enable the file server role then install azure file sync and start syncing the 3 File servers share drives that already sync with azure file share, then in one of the on-premises DC open Group Policy management and edit the network drive GPO and change the location of the file server to azure VM.

QUESTION

I believe my approach is better than lift and shift or azure storage migration tools which would add extra costs like more VMs, disks, etc. I would like to know if this approach would work, if I am missing something in this process or if you have a better idea.

what would happen if we decide to remove on-premises DCs and move to azure AD would the network drive GPO fails?

thank you all for your help

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,170 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,721 questions
Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,534 questions
Windows Server Migration
Windows Server Migration
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Migration: The process of making existing applications and data work on a different computer or operating system.
409 questions
0 comments
Accepted answer
  1. Luke Murray 10,531 Reputation points MVP
    2023-01-31T21:49:17.4333333+00:00

    Hi, Ernesto

    Your approach sounds 'sound'! It's probably, how I would have approached it as well - especially if you have DFS-N, you can just change the target.

    It would be worth including a domain controller in Azure as well, for the fileserver to talk to for authentication and DNS.

    If you decide to move away from Active Directory services, then it's a different conversation, your file share pathings (for authentication) should continue to work on your AAD machines as long as they have a line of sight to a domain controller and then you could switch over to Intune management.

    If your looking at moving away from Active Directory entirely, then you need to look at your files and their permissions, as NTFS permissions go away. So you may be better off moving your files to Sharepoint/teams.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 43,966 Reputation points
    2023-02-02T09:35:31.31+00:00

    Hi. Thank you for your question and reaching out. I’d be more than happy to help you with your query.

    Moving from on-premises Active Directory to Azure Active Directory is a common migration scenario, and it can be done in a number of ways. Removing on-premises DCs and moving to Azure AD can help reduce operational costs and improve scalability, but it also involves changes to the existing infrastructure and applications that rely on Active Directory.

    In regards to network drive GPOs, if you are using Group Policy to map network drives for your users, you'll need to consider the following:

    1. Azure AD Domain Services (AAD DS): If you are using GPOs to map network drives, you may need to consider enabling AAD DS in your Azure AD environment. AAD DS allows you to run traditional domain-joined applications in the cloud, and it provides the necessary functionality for GPOs to work in Azure AD.
    2. GPO compatibility: Before you migrate to Azure AD, you'll need to verify that your GPOs are compatible with Azure AD and AAD DS. You may need to make some changes to your GPOs to ensure they work properly in the cloud.
    3. Authentication: If you are using GPOs to map network drives that are hosted on-premises, you'll need to consider the authentication method used to access these drives. With Azure AD, you can use Azure AD credentials or on-premises credentials to access network drives, but you'll need to consider the best approach for your environment.

    Overall, removing on-premises DCs and moving to Azure AD can be a complex process, and it requires careful planning and execution. If you're considering this migration, it's best to work with a knowledgeable partner or Microsoft Partner to help ensure a smooth transition and minimize downtime.

    If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.

    0 comments
  2. Limitless Technology 43,966 Reputation points
    2023-02-02T09:35:47.47+00:00

    Double post

    0 comments