Forum Discussion
KVS
May 12, 2022Copper Contributor
Azure file share mapping for all users
I have an Azure Files share which is enabled for On-prem AD authentication. What is the best way to map this file share for all users on a session host. I am looking for options other than GPO or using startup net use batch files to map this drive. Are there any issues if I map this drive using the storage account and capture this configuration in the image. Users will login to VM using their on-prem AD credentials. According to MS - Connecting to a share using the storage account key is only appropriate for admin access. Mounting the Azure file share with the Active Directory identity of the user is preferred.
- Luke MurrayLearn ExpertIf its enabled for on-premises authentication, then you can setup access through AD groups. You mount it with your storage key, then you can create the folders and do the permission mapping. The storage account key, gives a lot more privileges then the users need.
https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-configure-permissions?WT.mc_id=AZ-MVP-5004796
Group Policy is preferred to map, and gives you extra flexibility if you ever need to quickly change the drive location without having to redeploy.