Add permission to create DFS namespace in Azure AD Services
I'm using Azure Active Directory Domain services and would like to have ability to create DFS namespace in AD.
Scott Heath commented
This was silly to decline. AWS offers a full service managed AD DS and here I am on Azure with less capability than my counterpart on AWS. It's embarrassing to go into meetings and say I can't replicate a feature on Microsoft's cloud with Microsoft's products.
Phil Brewer commented
This needs to be revisited by Microsoft. There are many use cases where this is necessary. I have a need for it currently. We are using Azure Premium File Shares but have the need in some of our WVD pools for very high IO storage. We are currently using Azure Files Sync and tiering to IaaS File Server VMs with Ultra disks to provide the performance necessary. Having the ability to create a consolidated domain based namespace in our AADDS managed domain would be invaluable for this.
All this would take is to get the AAD DC Admins group permissions added on the DFS-Configuration container in the AAD Schema.
Can I humbly suggest that you consider how to bring Azure Files under a namespace similar to DFS? Currently, the only way my Service Fabric container can connect to a UNC path is via an AD gMSA. I have a volume mount working, however for a particular scenario I need a UNC path. If Azure Files can exist as a volume under a namespace, my issue would be solved. Would love to know if this is possible already.
Mike Stephens commented
There is no plan to for Azure AD DS to support this. The idea and proper scenario is to have Azure files support this as a first class Azure service that uses Azure Active Directory for its identity and uses modern authetnication.
Senior Program Manager
Azure Fabric | Domain Services
very interested in this for our org.