Mounting azure files share, "The specified network password is not correct."

A-Stevan Melentijevic 0 Reputation points
2023-11-21T04:03:02.3766667+00:00

Hi,

I have a few Azure VMs which are struggling to connect with my Azure files/storage account. Sometimes they connect, but most of the time they seem to lose the ability to authenticate. This is me trying to directly mount an Azure file share using AD DS authentication as the option. The odd part is that it will intermittently connect to the share and then randomly decide not to connect for a few hours. Outside of my Azure VMs I can mount the shares with no issue using the same user account. To me it seems to be related to AD DS authentication. Running the Azfileshybrid module's command:

Debug-AzStorageAccountAuth -StorageAccountName $StorageAccountName -ResourceGroupName $ResourceGroupName -Verbose

---- CheckGetKerberosTicket ----

ERROR: The domain cannot find a computer or user object for storage account 'zimavdstorage'. Please verify that the storage account has been domain-joined through the steps in Microsoft documentation: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable#12-domain-join-your-storage-account

I can connect successfully using the SAS key 100% of the time.
Storage firewall has been set to public

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,277 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,104 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Sumarigo-MSFT 45,781 Reputation points Microsoft Employee
    2023-11-21T11:51:12.5466667+00:00

    @A-Stevan Melentijevic Based on your error message, It sounds like you are having trouble with AD DS authentication when trying to mount an Azure file share on your Azure VMs. The error message you are seeing indicates that the domain cannot find a computer or user object for the storage account, which suggests that there may be an issue with the domain join process.

    To troubleshoot this issue, you can try the following steps:

    1. Check that the storage account has been domain-joined correctly. You can follow the steps in the Microsoft documentation to domain-join your storage account: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable#12-domain-join-your-storage-account.
    2. Check that the Azure VMs are joined to the same domain as the storage account. Make sure that the VMs are joined to the correct domain and that they are able to communicate with the domain controller.
    3. Check that the DNS settings on the Azure VMs are configured correctly. Make sure that the VMs are using the correct DNS server and that they are able to resolve the domain name of the storage account.
    4. Check that the firewall settings on the Azure VMs are configured correctly. Make sure that the VMs are able to communicate with the storage account over the required ports.
    5. If none of the above steps work, I would recommend you contact support, so If you have a support plan, I request you file a support ticket, else please do let us know, we will try and help you get a one-time free technical support. In this case, could you send an email to AzCommunity[at]Microsoft[dot]com referencing this thread as well as your subscription ID. Please mention "ATTN subm" in the subject field. Thank you for your cooperation on this matter and look forward to your reply.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.