Identity-based authentication (Active Directory) for Azure file shares with OnPremise AD DS

EnterpriseArchitect 5,516 Reputation points
2022-09-02T08:03:37.787+00:00

Folks,

How can I allow certain AD DS security group member to access the Azure Storage Account File Share \StorageAccountFileName.file.core.windows.net\storedfiles ?

What are the steps and the procedure to allow me to achieve this.

237232-image.png

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,279 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,985 questions
0 comments No comments
{count} votes

Accepted answer
  1. JimmySalian-2011 42,191 Reputation points
    2022-09-02T08:21:27.097+00:00

    Hi EA,

    There are 2 parts to acheive this and first is to enable the ADDS to allow / enable access to the Storage account and 2nd is to assign share-level permissions to an identity and there are two ways you can assign share-level permissions. You can assign them to specific Azure AD users/user groups and you can assign them to all authenticated identities as a default share level permission.

    storage-files-identity-ad-ds-enable

    storage-files-identity-ad-ds-assign-permissions

    ==
    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Limitless Technology 39,731 Reputation points
    2022-09-05T07:47:30.657+00:00

    Hello there,

    You can enable identity-based authentication with either Azure AD DS or on-premises AD DS for Azure file shares on your new and existing storage accounts. Only one domain service can be used for file access authentication on the storage account, which applies to all file shares in the account.

    Overview of Azure Files identity-based authentication options for SMB access https://learn.microsoft.com/en-us/azure/storage/files/storage-files-active-directory-overview

    ---------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer--

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.