How can we improve Azure Storage?

ACL's for AzureFiles

I've started experimenting with Azure Files. One of the features I'm lacking is the fact that you cannot give access to Folders/Files on AzureFiles based on Active Directory credentials. If you setup a typical fileshare one would like to be able to grant/revoke access to folders and files based on information of users in AD.

2,947 votes
Vote
Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
You have left! (?) (thinking…)
Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

Hi folks,

We have shipped a public preview of integration with AAD DS: https://azure.microsoft.com/blog/azure-active-directory-integration-for-smb-access-now-in-public-preview/

What we have in preview is a first step along a much larger roadmap for integration with AAD/AD for authentication and authorization. As the blog post says, this initial preview is really about Windows cloud VM access to the Azure file share with an AAD identity. Future refreshes to this feature will add non-Windows (Linux, macOS, etc) support, and the ability to mount the Azure file shares on-premises with your AAD identity. You can learn more about this in our Ignite session as well (at around 22:00): https://www.youtube.com/watch?v=GMzh2M66E9o

We’ll keep you updated on our progress. In the meantime, don’t hesitate to continue posting feedback on this feature below.

Thanks,

Will Gries
Program Manager, Azure Files

121 comments

Sign in
(thinking…)
Sign in with: Microsoft
Signed in as (Sign out)
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    this is stopping me too, 150TB of file data sat wanting to be moved. problem is due to SAN renewals we may move away from trying to do this

  • MikeN commented  ·   ·  Flag as inappropriate

    I agree, also security logs for this should be able to sent over to Azure Log Analytics. This prevents organizations that have strict security requirements from using Azure Files. Many organizations have a security requirement to maintain access logs to all files to have an audit trail of what user accounts are accessing what data.

  • Matthew commented  ·   ·  Flag as inappropriate

    We were expecting something beginning of May with the release of AZ FilesSync, when are we going to see some action?

  • David Wright commented  ·   ·  Flag as inappropriate

    Any further update on the timeline for this please? Azure files is looking like the solution for our need but access control using AAD accounts is needed to make this a solution.

  • Adrian Edgar commented  ·   ·  Flag as inappropriate

    Any more information on a date for release yet? Without this feature several of my customers won't go near Azure file shares. Wasted revenue opportunities.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Still waiting for this core feature for Azure file hosting - a key part of any security strategy.

    "Azure File Sync is an effective stop-gap option until full support for Active Directory-based authentication and ACL support arrives."

  • Anonymous commented  ·   ·  Flag as inappropriate

    Right now, the user name for connecting to the file share is always the storage account name. If multiple users connect, they have to share an account. This makes auditing virtually impossible.

  • Gary Bond commented  ·   ·  Flag as inappropriate

    Any update on when this might become available?
    Last update from MS is June 25 2015 it's on the backlog.

  • Jonathan PREVOT commented  ·   ·  Flag as inappropriate

    Now Azure Active Directory is perfectly launch can we hope this feature will be really planned? It's a very important and interesting for most of our customers.

  • Ravi Patil commented  ·   ·  Flag as inappropriate

    We have so many customers looking for storage with user access policies. Following features required. File versioning, file modifying/deletion logs (Ex: which user modified files).

  • Scott M commented  ·   ·  Flag as inappropriate

    Yep.. Move it up! AD integration should have been on the top of the list. If I cannot assign permissions to files and directories in a file storage resource using AD credentials. The resource is useless.

  • Ben commented  ·   ·  Flag as inappropriate

    763 votes and this has been open for approx 3.5 years.

    Can we have a "real" update on this ? i.e. 3.5 year delay seems like its not going to happen and the current status of "planned" is not correct.

Feedback and Knowledge Base