This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 42%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDD%3C/text%3E%3C/svg%3E)
Hi Everyone,
Currenty I have client computers (both Desktops & Laptops) connected to a Hybrid Active Directory Domain.
My client computers are Azure Active Directory (AD) registered; but not currently Azure AD joined.
I would like to start Azure AD joining my computers moving forward.
However I anticipate a challenge with accessing shared drives. Currently my shared drives are hosted on a local file server (on-prem). I must keep my data on-prem for compliance reasons.
Drive mappings are currently handled in the "traditional way" using Group Policy.
I am aware that Azure AD joining my client computers will nullify the on-prem Group Policy.
How can I go about retaining my drive mappings once I start joining client computers directly to Azure AD?
Furthermore how can locally hosted file shares be accessed over the internet?
Will I need to buy an SSL certificate and attach it to my Domain so that remote computers can find the file shares using a UNC path?
Any help here will be greatly appreciated.
Kind Regards,
Davo
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 78%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESG%3C/text%3E%3C/svg%3E)
Just checking in to see if the below answer helped. If this answers your query, please don’t forget to click "Accept the answer" and Up-Vote for the same, which might be beneficial to other community members reading this thread.
You can retain your drive mappings after Azure AD join by mapping a network drive to an Azure file share using domain credentials. You can use your AD user account (Windows Explorer, Command-Line, PowerShell, etc.) to map a drive to your Azure File Share. Once the drive is mapped, make any necessary NTFS ACL Changes as-needed.
Regarding accessing locally hosted file shares over the internet, you can create a VPN connection between your on-premises environment and Azure.
You can also use Azure File Sync to centralize your organization’s file shares in Azure Files while keeping the flexibility, performance, and compatibility of an on-premises file server.
You can also use Microsoft Endpoint Manager (MEM) to map a shared drive using MEM instead of Group Policy.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(51.2, 99%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJW%3C/text%3E%3C/svg%3E)
The Original post states the need to keep data On Premise for compliance reasons. Nothing about accessing the Data remotely.
So how would you go about mapping and accessing Shares currently hosted on internal server to internal PC's that are Azure AD joined instead of AD joined.
I do not know the answer off hand but I believe you still would need to keep Azure AD connect, and possibly use Azure Arc to complete this task?
Azure Files is not an option if data needs to stay on premise.
Extra clarification would be great on the original question.
Thanks!