Share via

Azure File Shares Active Directory Authentication issue

AY 36 Reputation points
2021-11-22T21:10:10.97+00:00

Hi All

Not sure if I missed something but I am mapping a drive to Azure File Share using Active Directory authentication and it gives me an error 'domain controller cannot be contacted...'.

If I connect on the VPN to my on-premise server first then map the drive it authenticates fine and allows me in. It seems to be setup correct as some folders are not accessible to me due to NTFS permissions already setup from the server.

My server AD is connected to Azure AD with AD Connect.

Can anyone point me in the right direction as I really need to connect and authenticate the Azure File Share without requiring to connect to the VPN.

Thanks in advance.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,420 questions
Azure Storage
Azure Storage
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,529 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sumarigo-MSFT 47,466 Reputation points Microsoft Employee Moderator
    2022-01-08T13:48:49.907+00:00

    @Jordan Lance @AY Firstly apologies for the delay response!

    Hope you you have followed the perquisites ? and below mentioned setup.
    You can enable the feature on a new or existing on-premises AD DS environment. Identities used for access must be synced to Azure AD or use a default share-level permission. The Azure AD tenant and the file share that you are accessing must be associated with the same subscription.

    Enabled and deployed Azure ADDS on a 'Standard' tier
    Update the DNS settings and allowed Azure to autopopulate the DNS settings.
    Enabled password hash synchronization from our on-prem DC to Azure AD and confirmed it is synchronizing.
    Created an Azure Storage Account, and enabled it for Azure AD DS authentication. (I checked the box "Default to Azure Active Directory authorization in the Azure portal")
    Created the File Share in the storage account and enabled it for Azure AD DS authentication.
    Setup access at share level by providing role assignments to the "Storage File Data SMB Share Elevated Contributor" role to a group and an individual.

    There is video which explain how connect azure file share using Azure Active Directory Service

    • Hope you have provided the Share level access (Access control (I AM)to the storage account and File share!

    I tried to reproduce the issue I was able to mount azure file share using Active Directory.

    163373-123456789077.gif

    163296-image.png

    If the issue still persist, I would like to work closer on this issue!

    Please let us know if you have any further queries. I’m happy to assist you further.

    ---------
    Please do not forget to 163328-screenshot-2021-12-10-121802.png and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.