Convert Azure Files Storage account to AES256

This issue is now documented -
Troubleshoot Azure Files identity-based authentication and authorization issues (SMB) - Azure | Microsoft Learn
//First update the storage account to support AES256 - 

$ResourceGroupName = "<resource-group-name-here>"

$StorageAccountName = "<storage-account-name-here>"

Update-AzStorageAccountAuthForAES256 -ResourceGroupName $ResourceGroupName -StorageAccountName $StorageAccountName

and then 
Enable AD DS Authentication for Azure Files | Microsoft Learn
Set-ADComputer -Identity <domain-object-identity> -Server <domain-name> -KerberosEncryptionType "AES256"

Then - Once you update the storage account to use AES256 and the local AD Computer Object - You need to also run klist purge on the client and then remount the file share to get new Kerberos tickets with AES-256.

Also make sure the local machine supports AES256 as well