Access Azure File Share over the internet with AD Credentials

Question

Hi I have an Azure File Share configured and integrated with Active Directory.

Permissions are all working at the Share and NTFS level, and all works as expected from a PC that is connected inside the office, and can see a domain controller.

However, I would also like to be able to access the Azure file share when outside on the internet using AD credentials, however this does not work. It gives authentication errors.

I'm assuming this is a Kerberos issue as the client can't get a ticket from the DC, but I thought accessing the Azure File Share over the internet would be possible in some way. Am I missing something, should an Azure Fileshare be accessable over the internet from a domain joined PC with a correctly authenticated user (much like sharepoint, owa, teams etc)?

Thanks,

Answer 1

Hi @SKT

Thank you for asking this question on the **Microsoft Q&A Platform. **

You can set the on-premises Active Directory Domain Services authentication over SMB for Azure file shares following these instructions

Hope this helps,
Carlos Solís Salazar

----------

Accept Answer and Upvote, if any of the above helped, this thread can help others in the community looking for remediation for similar issues.
NOTE: To answer you as quickly as possible, please mention me in your reply.

---

Answer 2

Hi soysoliscarlos

I have followed those instructions and everything works fine in terms of AD DS authentication but only when clients are connected to the network internally (I'm assuming because users can "see" a Domain Controller).

The problem is that:
When users connect to the Azure file share from the internet they get an error "username or password is incorrect" (even though it is correct)

Everything I have read indicates that Azure File Share is available for connectivity as a "cloud" service from the internet, so my question is is this true and do I have some other issue that is causing authentication issues?

Simon