Connect to Azure File Share with Microsoft Entra Domain Services

Danny Foulstone 0 Reputation points
2024-03-22T14:01:03.0533333+00:00

I am unable to connect to an Azure File Share from a VM joined to a Entra Domain Services Domain. When I try and connect to the file share using an account setup in Entra ID, I get the error “The specified network password is not correct”.  I am logged into the domain joined VM with the same account that I am trying to connect to the Azure File Share with.

I successfully mounted the Azure File Share on to the VM using the Access Key. I then configured the applicable ACLs and gave the logged on used full access.

On the storage account that contains the file share, I configured the “Identity-based access” to be “Microsoft Entra Domain Services”.

In “Access Control” for the File Share I have configured the user I am trying to connect to the File Share with the role “Storage File Data SMB Share Contributor”.

What am I doing wrong or what else do I need to do to be able to connect to the File Share using the Entra ID account?

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,170 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,564 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marcin Policht 11,385 Reputation points MVP
    2024-03-22T14:58:37.75+00:00

    Make sure to follow https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-domain-services-enable?tabs=azure-portal

    In particular, verify that the following works:

    cmd.exe /C "cmdkey /add:`"<storage-account-name>.file.core.windows.net`" /user:`"localhost\<storage-account-name>`""
New-PSDrive -Name Z -PSProvider FileSystem -Root "\\<storage-account-name>.file.core.windows.net\<file-share-name>" -Persist

    hth Marcin

    0 comments
  2. Carlos Solís Salazar 16,611 Reputation points
    2024-03-23T14:52:05.6033333+00:00

    Are you using an AD DS user or an Entra ID User?

    Usually, if you use a Native Entra ID User it will give you that error.

    You must use a user that is created in your Entra Domain Services Domain

    Accept the answer, if any of the above helped, this answer can help others in the community looking for solutions to similar problems.

    0 comments
  3. Sumarigo-MSFT 43,801 Reputation points Microsoft Employee
    2024-03-25T10:19:32.59+00:00

    @Danny Foulstone Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    1. Check that the storage account has been domain-joined correctly. You can follow the steps in the Microsoft documentation to domain-join your storage account: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable#12-domain-join-your-storage-account.
    2. Check that the Azure VMs are joined to the same domain as the storage account. Make sure that the VMs are joined to the correct domain and that they are able to communicate with the domain controller.
    3. Check that the DNS settings on the Azure VMs are configured correctly. Make sure that the VMs are using the correct DNS server and that they are able to resolve the domain name of the storage account.
    4. Check that the firewall settings on the Azure VMs are configured correctly. Make sure that the VMs are able to communicate with the storage account over the required ports.

    There is a video which gives detailed information on Azure files Integration

    Troubleshoot Azure Files identity-based authentication and authorization issues (SMB)

    Additional information: Based on the error message there are few thread, which provide more insights on your query.

    Azure Files, network password is not correct when using storage account key Network password incorrect using Azure AD DS Identity
    Replacing on-premises file servers with Azure Files (including setup on private link for files and AD authentication)
    Mounting azure files | "The specified network password is not correct.

    Azure Files, network password is not correct when using storage account key

    If the issue still persist, I would like to work closer on this issue.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.