SOLVED

Azure ADDS and on-premise file server permissions


Hello!

I need some guidance regarding Azure ADDS and on-premise servers.

I have a customer that is using Office 365. Currently only for e-mail, Skype for Business and Office applications. They also have an on-premise file server and some other application servers, but no local Active Directory.

Currently they log on with local computer accounts and access file server shares using local accounts created on the file server.

The customer wants to use their Office 365 accounts to log in to their computers and access shares on the file server with the same account. Is this possible? I've been searching for this and found a couple of different forum threads but no definitive answer.

TL;DR

Would it be possible to set up Azure ADDS with ExpressRoute or VPN to the customer's network, join the on-premise servers to Azure ADDS and set permissions to folders/files for the Office 365 accounts on the on-premise servers?

Thanks in advance!

6 Replies
best response confirmed by thomas1984 (Copper Contributor)
Solution
No, this can’t be done!
What you can do is set up an AD on premises and then match those accounts with your AAD accounts! They will then be able to use the same account to access on-premises and cloud resources.

Or I would prefer to move the file server to SharePoint and join their computers to Azure AD instead!

I had a bad feeling about this not being easy. Thank you for making this clear Adam. 🙂

How many users, client OS?

There are about 25 users, everyone is using Windows 10 Pro. Servers are Windows Server 2016 Standard, but one of them is only Windows Server 2012 Standard.

Depending on the workload on-premises I would consider creating an AD and syncing those accounts to AAD!

I will look into that. Thanks! 🙂
