Connection using Azure AD Kerberos authentication fails.

馬場 勇真 180 Reputation points
2023-10-19T08:23:52.24+00:00

Connection using Azure DA Kerberos authentication fails.

What I want to achieve:

I would like to use Azure Files by using Azure Ad Kerberos authentication as the authentication method.

Prerequisites:

The domain controller is generated as a VM on Azure.

Azure AD Connect between tenant and on-premises AD has been completed.

The machine that verifies connectivity is also an Azure VM.

This machine has already joined on-premises AD, and device registration has also been completed with Azure AD using Azure AD Connect. The Kerberos ticket settings are also complete.

User's image

The most important thing is that two tenants and Azure AD Connect are built for one on-premises AD.

What has been verified:

I followed the steps in Microsoft's documentation to build it. Specifically, it is as follows.

①Create storage accounts and file shares.

②Select "Azure AD Kerberos" as the authentication method and enter the domain name and domain GUID values obtained from the domain controller.

③Grant API permissions to the automatically generated storage account application.

④Mount the file share on a domain controller using the storage account key and set ACLs.

⑤From the verification machine, enter the file share path in UNC path format in Explorer.

⑤Credentials are requested. (I am aware that SSO is no longer supported because you are connecting multiple tenants.)

Here's the problem:

Even after entering the credentials, an error message is displayed and connection cannot be established.

The error message is below.

The specified network password is incorrect.

I tried entering several credentials, but they all returned the same error message. If you have any problems with my steps, please let me know.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,186 questions
{count} votes