ACL's for AzureFiles
I've started experimenting with Azure Files. One of the features I'm lacking is the fact that you cannot give access to Folders/Files on AzureFiles based on Active Directory credentials. If you setup a typical fileshare one would like to be able to grant/revoke access to folders and files based on information of users in AD.
We have shipped a public preview of integration with AAD DS: https://azure.microsoft.com/blog/azure-active-directory-integration-for-smb-access-now-in-public-preview/
What we have in preview is a first step along a much larger roadmap for integration with AAD/AD for authentication and authorization. As the blog post says, this initial preview is really about Windows cloud VM access to the Azure file share with an AAD identity. Future refreshes to this feature will add non-Windows (Linux, macOS, etc) support, and the ability to mount the Azure file shares on-premises with your AAD identity. You can learn more about this in our Ignite session as well (at around 22:00): https://www.youtube.com/watch?v=GMzh2M66E9o
We’ll keep you updated on our progress. In the meantime, don’t hesitate to continue posting feedback on this feature below.
Program Manager, Azure Files
this is stopping me too, 150TB of file data sat wanting to be moved. problem is due to SAN renewals we may move away from trying to do this
I agree, also security logs for this should be able to sent over to Azure Log Analytics. This prevents organizations that have strict security requirements from using Azure Files. Many organizations have a security requirement to maintain access logs to all files to have an audit trail of what user accounts are accessing what data.
Chris Polewiak commented
Please add Azure AD authentication to SMB shares from Azure Files.
We were expecting something beginning of May with the release of AZ FilesSync, when are we going to see some action?
David Wright commented
Any further update on the timeline for this please? Azure files is looking like the solution for our need but access control using AAD accounts is needed to make this a solution.
When is the release date. Customer is not accepting without this feature.
Adrian Edgar commented
Any more information on a date for release yet? Without this feature several of my customers won't go near Azure file shares. Wasted revenue opportunities.
Still waiting for this core feature for Azure file hosting - a key part of any security strategy.
"Azure File Sync is an effective stop-gap option until full support for Active Directory-based authentication and ACL support arrives."
+1 Waiting for this.
Need to support Azure B2C AD. (and OAuth in general)
(This could be solved by Active Directory Integration)
Right now, the user name for connecting to the file share is always the storage account name. If multiple users connect, they have to share an account. This makes auditing virtually impossible.
Peter Thomas commented
This should be a core feature of Azure File Share.
Gary Bond commented
Any update on when this might become available?
Last update from MS is June 25 2015 it's on the backlog.
[Deleted User] commented
Any update on this? it’s a critical feature that everyone is waiting for..
Damien J. commented
We look forward to these features .
Jonathan PREVOT commented
Now Azure Active Directory is perfectly launch can we hope this feature will be really planned? It's a very important and interesting for most of our customers.
Ravi Patil commented
We have so many customers looking for storage with user access policies. Following features required. File versioning, file modifying/deletion logs (Ex: which user modified files).
Scott M commented
Yep.. Move it up! AD integration should have been on the top of the list. If I cannot assign permissions to files and directories in a file storage resource using AD credentials. The resource is useless.
763 votes and this has been open for approx 3.5 years.
Can we have a "real" update on this ? i.e. 3.5 year delay seems like its not going to happen and the current status of "planned" is not correct.