![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(284.8, 90%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHG%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,629 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 11%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETH%3C/text%3E%3C/svg%3E)
Hello Hector Gamboa
To set file-level permissions for Azure AD users, you need to use Azure Files, which is a fully managed file share service in Azure. Azure Files allows you to create file shares that can be accessed using the standard Server Message Block (SMB) protocol, and you can control access to these file shares using Azure AD credentials.
Here are the steps to set file-level permissions for Azure AD users in Azure Files:
Create an Azure file share: To create an Azure file share, you can use the Azure portal, Azure PowerShell, or Azure CLI. When you create the file share, you can specify the SMB protocol version and the access tier. You can also choose to enable encryption for data at rest.
Create a directory structure: After you have created a file share, you can create a directory structure inside the share. You can create multiple directories and subdirectories as needed to organize your files.
Set access control: To control access to your files, you can use the Azure portal, Azure PowerShell, or Azure CLI. You can add users and groups from your Azure AD to the access control list (ACL) for the file share or directory. You can also assign different permissions to each user or group, such as read, write, or full control.
- Assign permissions to files: To assign permissions to individual files, you can use the SMB protocol to connect to the file share from a Windows client or server. You can then set the file-level permissions using the standard Windows file permissions dialog.
Note that the file-level permissions you set using the SMB protocol will be enforced by Azure Files. This means that users who do not have the appropriate permissions will not be able to access the files, even if they have access to the file share or directory.
I hope this information helps you set file-level permissions for Azure AD users in Azure Files. If you have any further questions, please feel free to ask.
Please don’t forget to Accept Answer and Yes for "was this answer helpful" wherever the information provided helps you, this can be beneficial to other community members.