
I have an on-premises AD and it syncs with Azure AD. I have set up ADDS on Azure for AAD authentication for Azure Files. I have set up the storage account and enabled Azure Active Directory authentication for Azure Files, and given the appropriate permission to the user under IAM, but when I try to access the file share from my on-premises computer, which is joined to the on-premises DC, I am unable to access the share with my AD account. I can access the share using the storage name and the key.

How can I finish setting up AAD Auth?

  • "When I try to access the File share from my on-premise computer which is joined to on-premise DC, I am unable to access the share with my AD account" - that could literally mean anything. What exactly happens when you try to access the files? Do you get authentication errors? Commented May 30, 2019 at 0:21
  • It asks for the credential. When I enter my email address or domain credential, it does not work. It says the specified network password is not correct. Commented May 30, 2019 at 1:30
  • Is the on-premise computer from which you try to authenticate hybrid-joined, meaning that it (Windows 10) has a computer account on-premises and within Azure-AD as well? Commented May 30, 2019 at 5:46
  • I am using Windows 10, with a computer account on-premises and connected to the abc***.local domain. Commented May 30, 2019 at 6:04
  • Yes, it is hybrid joined. [email protected] and xxxx.local are listed under Accounts > Access work or school in the Windows 10 settings. Commented May 31, 2019 at 0:15

1 Answer

This won't work. The Azure Files AAD preview only supports accessing the share from machines that are joined to the Azure AD DS domain, not your on-premises domain that is synced to AAD:

Integration with AAD enables SMB access to Azure file shares using AAD credentials from AAD DS domain joined Windows VMs.

https://azure.microsoft.com/en-us/blog/azure-active-directory-integration-for-smb-access-now-in-public-preview/

  • I created another VM in Hyper-V on my Windows 10 machine, joined it to Azure AD, logged in with my email address and password and tried to access the share folder. I cannot. Commented Jun 5, 2019 at 3:17
  • Also, I created a test user account in Azure AD and tried to log in on the VM created in Hyper-V. It cannot even find the new test account (I assigned an E3 license to this user). Commented Jun 5, 2019 at 4:02
  • I think the VM needs to be in the Azure VNet network, not on-premises, correct? Commented Jun 5, 2019 at 4:10
  • It doesn't have to be on the vNet, unless you enable service endpoints; however, what you have done also won't work. You need to join the Azure AD DS domain using the regular domain join option in Win10, not the Join Azure AD option. Commented Jun 5, 2019 at 13:16
  • I tried joining to abc.com, not abc.local (our domain), using the regular domain join option on the on-premises computer, and it errored out stating the ADDS service is not found. Commented Jun 6, 2019 at 0:49
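
The join-state distinction the answer draws (joined to the Azure AD DS managed domain, versus on-premises joined or Azure AD joined) can be checked from the client. The PowerShell below is an added example, not part of the original thread; the domain name and storage account host are hypothetical placeholders to replace with your own.

```powershell
# Added example. Both values below are placeholders (assumptions), not from the thread.
$ExpectedDomain = 'aadds.example.com'                     # Azure AD DS managed domain DNS name
$StorageHost    = 'examplestorage.file.core.windows.net'  # Azure Files endpoint

function Get-JoinState {
    # Classic AD domain membership as Windows sees it
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem

    # dsregcmd prints "Name : VALUE" pairs; collect them into a hashtable
    $dsreg = @{}
    foreach ($line in (dsregcmd.exe /status)) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') { $dsreg[$Matches[1]] = $Matches[2] }
    }

    [pscustomobject]@{
        PartOfDomain  = $cs.PartOfDomain                    # $true for a regular domain join
        DomainDnsName = $cs.Domain                          # e.g. an on-premises *.local name
        AzureAdJoined = ($dsreg['AzureAdJoined'] -eq 'YES') # "Join Azure AD" or hybrid join
        DomainJoined  = ($dsreg['DomainJoined']  -eq 'YES')
    }
}

$state = Get-JoinState
$state | Format-List

if (-not $state.PartOfDomain) {
    Write-Warning 'Not joined to any AD domain. An Azure AD join alone does not provide the AD DS (Kerberos) identity the share expects.'
} elseif ($state.DomainDnsName -ne $ExpectedDomain) {
    Write-Warning "Joined to '$($state.DomainDnsName)', not to '$ExpectedDomain'. Identity-based SMB access will be refused from this machine."
} else {
    Write-Host "Joined to the expected managed domain '$ExpectedDomain'."
}

# SMB uses TCP 445; a blocked port fails differently from a rejected credential
$tcp = Test-NetConnection -ComputerName $StorageHost -Port 445 -WarningAction SilentlyContinue
Write-Host "TCP 445 reachable: $($tcp.TcpTestSucceeded)"

# Ask a domain controller for a Kerberos service ticket for the file endpoint.
# The output shows whether a ticket for cifs/<storage host> was issued.
klist.exe get "cifs/$StorageHost"
```

On a hybrid-joined machine such as the one described in the question, this reports `AzureAdJoined` as true while `DomainDnsName` still shows the on-premises domain, which is the mismatch the answer points to.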
