Share via

automap azure storage file shares when logging into enrolled entra id devices

Gerald Humphreys 20 Reputation points
2025-05-03T22:10:03.7733333+00:00

Hello.

I have a Azure Storage account with one file shared. I have I have added users to a security group and given that security group contrabute permissions in the file share.

I dont know how i will map this file share in windows when users login to there computers.

Please can you assist/

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,482 questions
0 comments
Accepted answer
  1. Marcin Policht 46,190 Reputation points MVP Moderator
    2025-05-03T23:27:59.3466667+00:00

    Follow https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-hybrid-identities-enable?tabs=azure-portal%2Cintune

    Note that this works only if you are using Entra ID user accounts which has been sourced from an Active Directory domain. Cloud only accounts are not supported

    If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.

    hth

    Marcin

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Nandamuri Pranay Teja 2,260 Reputation points Microsoft External Staff Moderator
    2025-05-05T04:59:13.4266667+00:00

    Hello Gerald,

    Thank you for your question!

    Firstly, ensure port 445 is open (often blocked by ISPs) and verify the security group is correctly assigned "Contribute" permissions & double-check the storage account name and key.

    Azure File Share Connection:

    Navigate to your Storage Account - Select "File shares" from the left menu - Click on your file share - Click the "Connect" button - Select "Windows" from the dropdown menu - Note the connection script provided - it contains important information (Storage account name, File share name, Connection string or SAS token)

    Manual Mapping (One-time setup for each user)

    1. Open File Explorer
    2. Right-click on "This PC" and select "Map network drive"
    3. Choose a drive letter (like Z:)
    4. For the folder path, enter: \\<storage-account-name>.file.core.windows.net\<file-share-name>
    5. Check "Connect using different credentials"
    6. Click "Finish"
    7. When prompted, enter credentials:
      • Username: Azure\<storage-account-name>
      • Password: Storage account key (from Azure Portal)

    In Azure AD, you can set up more secure authentication by Configure Azure AD Domain Services or Azure AD Authentication for the storage account.

    • go to Storage Account > File Shares > select your share
    • Select "Configuration" and enable "Azure Active Directory (Azure AD) authentication"
    • Users will then authenticate with their Azure AD credentials

    References:

    1. https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-assign-share-level-permissions?tabs=azure-portal
    2. https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-configure-file-level-permissions

    Hope the above answer helps! Please let us know do you have any further queries.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.