ACL's for AzureFiles
I've started experimenting with Azure Files. One of the features I'm lacking is the fact that you cannot give access to Folders/Files on AzureFiles based on Active Directory credentials. If you setup a typical fileshare one would like to be able to grant/revoke access to folders and files based on information of users in AD.
We recently announce the General Availability of Azure Active Directory Domain Services (Azure AD DS) authentication for Azure Files! By enabling integration with Azure AD DS, you can mount your Azure file share over SMB using Azure AD credentials from Azure AD DS domain joined Windows VMs with NTFS ACLs enforced. For more details, please refer to our blog post:http://aka.ms/azure-file-aadds-authentication-ga-blog.
A part of the GA announcement, we shared the upcoming plan to extend the authentication support to Active Directory (AD) either hosted on-premises or in cloud. If you need an Azure Files solution with AD authentication today, you can consider installing Azure File Sync (AFS) on your Windows File Servers where AD integration is fully supported.
If you are interested to hear future updates on Azure Files Active Directory Authentication, please complete this sign-up survey:https://aka.ms/AzureFilesADAuthPreviewSurvey.
Azure Files Team
Like all of you, I'm waiting, hoping for this yesterday! However, I was able to connect to an Azure VM share. While this does not have the simplification of setting up Azure Files, It enables security using IDs on Azure AD.
1) Enable Azure AD Domain Services
2) Create a VM, adding it to the domain.
3) Connected to share using \\ServerName\ShareName, from the workstation file explorer.
Is there an update on this item? Since the first half of the year is nearly over, can we expect to see a preview coming soon? Thank you.
This will be a great feature once AD integration and ACLs are added. Until then... it's basically useless.
We don't even have a real console yet to Azure VM's. Why should we expect AD integration in AzureFiles anytime soon.
Yeah this comment is meant to slice open a wound and pour acid in it. Doesn't MS have Billions of dollars to implement this ****?
this is stopping me too, 150TB of file data sat wanting to be moved. problem is due to SAN renewals we may move away from trying to do this
I agree, also security logs for this should be able to sent over to Azure Log Analytics. This prevents organizations that have strict security requirements from using Azure Files. Many organizations have a security requirement to maintain access logs to all files to have an audit trail of what user accounts are accessing what data.
Chris Polewiak commented
Please add Azure AD authentication to SMB shares from Azure Files.
We were expecting something beginning of May with the release of AZ FilesSync, when are we going to see some action?
David Wright commented
Any further update on the timeline for this please? Azure files is looking like the solution for our need but access control using AAD accounts is needed to make this a solution.
When is the release date. Customer is not accepting without this feature.
Adrian Edgar commented
Any more information on a date for release yet? Without this feature several of my customers won't go near Azure file shares. Wasted revenue opportunities.
Still waiting for this core feature for Azure file hosting - a key part of any security strategy.
"Azure File Sync is an effective stop-gap option until full support for Active Directory-based authentication and ACL support arrives."
+1 Waiting for this.
Need to support Azure B2C AD. (and OAuth in general)
(This could be solved by Active Directory Integration)
Right now, the user name for connecting to the file share is always the storage account name. If multiple users connect, they have to share an account. This makes auditing virtually impossible.
Peter Thomas commented
This should be a core feature of Azure File Share.
Gary Bond commented
Any update on when this might become available?
Last update from MS is June 25 2015 it's on the backlog.
[Deleted User] commented
Any update on this? it’s a critical feature that everyone is waiting for..
Damien J. commented
We look forward to these features .