Accessing file share over P2S VPN using Entra Domain Services as authentication

Zuuber 5 Reputation points
2024-09-25T10:30:28.4633333+00:00

I am trying to access an Azure file share over P2S Azure VPN.

The file share is closed for public access but is accessible via private endpoint.

The file share is configured to use Entra Domain Services as authentication.

My local machine is not connected to the domain within Azure which is hosted via Entra Domain Services.

When i try and access the share from local machine I do receive the Windows authentication prompt but the error message being returned suggests that the credentials are incorrect but i am positive the credentials are correct, I am entering the credentials in the format of user@domain and also domain\user. If i use the access key to access the share this works but i need to authenticate via the Entra Domain Services user\pass.

If i log into a VM within Azure that is connected to the domain the share works fine, the issue is only when trying to access the share from a non-domain joined PC which is using Azure VPN P2S. Other services which use the VPN work fine, for example i can connect to an SQL Managed Instance within Azure fine.

Any help would be appreciated.

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,537 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,801 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Rohith Vinnakota 600 Reputation points Microsoft Vendor
    2024-09-27T16:38:58.4666667+00:00

    Hi Zuuber,

    Thank you for reaching out to us on the Microsoft Q&A forum.

    As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

    Issue: Accessing file share over P2S VPN using Entra Domain Services as authentication.

    Solution: As the VPN gateway and Entra Domain Services are on different VNETs there was already peering between the VNETs setup but 'Allow gateway or route server in VNET1 to forward traffic to VNET2' needed to be selected within VNET1 peering config and 'Enable VNET2 to use 'VNET1s' remote gateway or route server' needed selecting in VNET2 peering option.


    Remember to "Accept Answer" so that others in the community who are experiencing similar challenges can easily find a solution.

    Your contribution is greatly appreciated.

    Regards,
    Rohith

    1 person found this answer helpful.

  2. Zuuber 5 Reputation points
    2024-09-27T08:52:10.1233333+00:00

    This is now resolved, if anyone is interested, as the VPN gateway and Entra Domain Services are on different VNETs there was already peering between the VNETs setup but 'Allow gateway or route server in VNET1 to forward traffic to VNET2' needed to be selected within VNET1 peering config and 'Enable VNET2 to use 'VNET1s' remote gateway or route server' needed selecting in VNET2 peering option.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.