Forum Discussion

StefanKi's avatar
StefanKi
Iron Contributor
Jan 28, 2020

Fileshare connect to AD

I like to bring my windows file share to the azure cloud. I want to connect the file share to an AD (domain controller runs in a VM). Is it possible? How can I do this?

  • Brent_Lea's avatar
    Brent_Lea
    Copper Contributor

    StefanKi I've got some questions for you.

    • Do you already have an on-premises Active Directory that this will be part of?
    • Do you already have an Azure tenant?
    • If you have an Azure tenant, do you have ExpressRoute connectivity to it either through VPN or an MPLS connection?

    There are multiple options depending on your current configuration.

    • StefanKi's avatar
      StefanKi
      Iron Contributor

      We have an on-premise Active Directory and an azure tenant. The azure tenant has 

      - private network (connected to on-premise by VPN)

      - storage account 

      - inside in the storage account, there is a file share

       

      Now I like to connect the file share to my on-premise Active Directory and manage the shares with the AD.

       

      Regards

      Stefan

       

      • Brent_Lea's avatar
        Brent_Lea
        Copper Contributor

        StefanKi 

        I don't believe you'll be able to do that.  Take a look at the link below.  You'll probably need to use Azure AD Domain Services for that to work but there are caveats in that the computers connecting to the share would need to be Azure AD Domain Services joined instead of on-premises AD joined.

         

        For what you are trying to do, you'll probably need to have an IaaS VM acting as a file server.  You would probably also want an IaaS VM to use as a domain controller in Azure.  The file server could be joined to your current on-premises AD and control access to the file share.  You could still leverage Azure File Services on the back end for storage.

         

        https://docs.microsoft.com/en-us/azure/storage/files/storage-files-faq#security-authentication-and-access-control

         

        Hope this helps.  Maybe someone else in the community has a better solution or recommendation.

         

        Thanks,

         

        Brent

Resources