Azure Files authentication against Server Message Block (SMB) for Active Directory Domain Service (AD DS) was due for a long time and now it's available. This post will quickly show how to enable it. First of all, you need to Join the Azure File Share to the domain. You can see below the Azure Files have not joined the domain.
Step 1: Download the AzFilesHybrid module from here. It will contain the below files.
Step 2: Open the PowerShell and navigate to the directory where the downloaded files are and Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Currentuser
Step 3: Run .\CopyToPSPath.ps1 and after that Import-Module -name AzFilesHybrid
Step 4. Run Connect-AzAccount to login to the Azure subscription.
Step 5: Run Select-AzSubscription -SubscriptionName "Azure Subscription Name"
Step 6: Run to jon the storage account to the domain join-AzStorageaccountForAuth -ResourceGroupName "<resource-group-name>" -Name "<storage-account-name>" -DomainAccountType "ComputerAccount" -OrganizationalUnitName "<OU--FRIENDLY-NAME>"
Step 7: You can see the storage account 'addsrest' as a computer account in your domain controller as below.
Step 8: You can check its properties below.
Step9: On the Azure portal, verify the storage account has joined AD DS.
Step 10: Now, assign the user permission to access the resources as below.
Step 11: Map the Azure File share as a drive on the domain-joined computer.
Step 12: You will see something like below.
I hope this is helpful and if there’s something specific you want to hear about, let us know in the comments, or tweet us at @sakaldeep