1

I have set up an Azure Files share with Azure AD Kerberos as the authentication source.

I get the error below when running the connection script (Active Directory authentication) on an end user's PC.

The PC is Azure AD-joined, with the user logging in with an Azure AD account.

Users need to be able to access the Azure Files share when they are not on the local domain.

New-PSDrive : The system cannot contact a domain controller to service the authentication request. Please try again later
At C:\Users\testuser\Desktop\connect-files-share.ps1:4 char:5 +
New-PSDrive -Name Z -PSProvider FileSystem -Root "\storage ... +

 + CategoryInfo : InvalidOperation: (Z:PSDriveInfo) [New-PSDrive], Win32Exception + FullyQualifiedErrorId : CouldNotMapNetworkDrive,Microsoft.PowerShell.Commands.NewPSDriveCommand

The Azure website states: "Azure AD Kerberos authentication allows users to connect to Azure Files over the internet without requiring a line-of-sight to domain controllers."

Azure AD Kerberos Source

Improve this question

1 Answer 1

Reset to default
0

This article resolved the issue (creating the registry key):

https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-azure-active-directory-enable?tabs=azure-portal#configure-the-clients-to-retrieve-kerberos-tickets

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.