Identity-based authentication (Active Directory) for Azure file shares with OnPremise AD DS

EnterpriseArchitect 4,641 Reputation points


How can I allow certain AD DS security group member to access the Azure Storage Account File Share \\storedfiles ?

What are the steps and the procedure to allow me to achieve this.


Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,650 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,405 questions
0 comments No comments
{count} votes

Accepted answer
  1. JimmySalian-2011 41,916 Reputation points

    Hi EA,

    There are 2 parts to acheive this and first is to enable the ADDS to allow / enable access to the Storage account and 2nd is to assign share-level permissions to an identity and there are two ways you can assign share-level permissions. You can assign them to specific Azure AD users/user groups and you can assign them to all authenticated identities as a default share level permission.



    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

1 additional answer

Sort by: Most helpful
  1. Limitless Technology 39,331 Reputation points

    Hello there,

    You can enable identity-based authentication with either Azure AD DS or on-premises AD DS for Azure file shares on your new and existing storage accounts. Only one domain service can be used for file access authentication on the storage account, which applies to all file shares in the account.

    Overview of Azure Files identity-based authentication options for SMB access


    --If the reply is helpful, please Upvote and Accept it as an answer--

    1 person found this answer helpful.