How to join Azure File Share to Active Directory Domain Controller


Azure Files authentication over Server Message Block (SMB) with Active Directory Domain Services (AD DS) was overdue for a long time, and it is now available. This post quickly shows how to enable it. First of all, you need to join the Azure File Share to the domain. As you can see below, Azure Files has not joined the domain yet.

Step 1: Download the AzFilesHybrid module from here. It contains the files shown below.

Step 2: Open PowerShell, navigate to the directory that contains the downloaded files, and run Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope CurrentUser

Step 3: Run .\CopyToPSPath.ps1 and after that Import-Module -Name AzFilesHybrid

Step 4: Run Connect-AzAccount to log in to the Azure subscription.

Step 5: Run Select-AzSubscription -SubscriptionName "Azure Subscription Name"

Step 6: Run the following to join the storage account to the domain: Join-AzStorageAccountForAuth -ResourceGroupName "<resource-group-name>" -Name "<storage-account-name>" -DomainAccountType "ComputerAccount" -OrganizationalUnitName "<OU--FRIENDLY-NAME>"

Step 7: You can see the storage account 'addsrest' as a computer account in your domain controller as below.


Step 8: You can check its properties below.

Step 9: On the Azure portal, verify the storage account has joined AD DS.


Step 10: Now, assign the user permission to access the resources, as shown below.


Step 11: Map the Azure File share as a drive on the domain-joined computer.


Step 12: You will see something like below.
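Added example, not part of the original post: steps 2 through 11 collected into one PowerShell script, with the portal and domain controller checks from steps 7 to 9 done from the command line so a failed join stops the run. Assumptions: the share name, user UPN, drive letter Z:, the public-cloud endpoint suffix, the read-only role chosen for step 10, and the use of Process scope in place of CurrentUser for the execution policy; the cmdlet parameters in step 6 are the ones shown in the post.

```powershell
# Added example, not the original author's script. Values in <...> are placeholders.
$ErrorActionPreference = 'Stop'
$SubscriptionName   = 'Azure Subscription Name'
$ResourceGroupName  = '<resource-group-name>'
$StorageAccountName = '<storage-account-name>'
$OuName             = '<OU--FRIENDLY-NAME>'
$ShareName          = '<file-share-name>'   # assumption: the share already exists
$UserUpn            = '<user@domain>'       # assumption: AD DS user synced to Microsoft Entra ID
$FileHost           = "$StorageAccountName.file.core.windows.net"  # assumption: public Azure cloud

# Step 2, narrowed: Process scope lasts only for this PowerShell session,
# so the relaxed policy does not persist for the user account.
Set-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Process -Force

# Step 3: run from the folder holding the extracted AzFilesHybrid files.
.\CopyToPSPath.ps1
Import-Module -Name AzFilesHybrid

# Steps 4-6: sign in, select the subscription, join the storage account to AD DS.
Connect-AzAccount | Out-Null
Select-AzSubscription -SubscriptionName $SubscriptionName | Out-Null
Join-AzStorageAccountForAuth -ResourceGroupName $ResourceGroupName -Name $StorageAccountName `
    -DomainAccountType 'ComputerAccount' -OrganizationalUnitName $OuName

# Steps 7-8: find the computer account by its CIFS SPN (needs the RSAT ActiveDirectory module).
$adObject = Get-ADComputer -Filter "ServicePrincipalName -eq 'cifs/$FileHost'" -Properties ServicePrincipalNames
if (-not $adObject) { throw "No computer account with SPN cifs/$FileHost found in AD DS." }
$adObject | Format-List Name, DistinguishedName, Enabled, ServicePrincipalNames

# Step 9: confirm on the Azure side that AD DS is the directory service for Azure Files.
$sa = Get-AzStorageAccount -ResourceGroupName $ResourceGroupName -Name $StorageAccountName
$auth = $sa.AzureFilesIdentityBasedAuth
if ($auth.DirectoryServiceOptions -ne 'AD') {
    throw "Join not reflected in Azure: DirectoryServiceOptions is '$($auth.DirectoryServiceOptions)'."
}
$auth.ActiveDirectoryProperties | Format-List DomainName, DomainGuid, AzureStorageSid

# Step 10: share-level permission, scoped to one share and read-only (assumed role choice).
$scope = "$($sa.Id)/fileServices/default/fileshares/$ShareName"
New-AzRoleAssignment -SignInName $UserUpn -Scope $scope `
    -RoleDefinitionName 'Storage File Data SMB Share Reader' | Out-Null

# Step 11: run as the granted user on a domain-joined machine; no key or password is passed,
# so the mount authenticates with that user's Kerberos identity.
if (-not (Test-NetConnection -ComputerName $FileHost -Port 445).TcpTestSucceeded) {
    throw "TCP 445 to $FileHost is blocked."
}
net use Z: "\\$FileHost\$ShareName"
```

Users who need to write need the 'Storage File Data SMB Share Contributor' role instead, and a new role assignment can take some time to take effect before the mount in step 11 succeeds.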

I hope this is helpful and if there’s something specific you want to hear about, let us know in the comments, or tweet us at @sakaldeep