ACL's for AzureFiles
I've started experimenting with Azure Files. One of the features I'm lacking is the fact that you cannot give access to Folders/Files on AzureFiles based on Active Directory credentials. If you setup a typical fileshare one would like to be able to grant/revoke access to folders and files based on information of users in AD.
We announced earlier today the public preview of Active Directory authentication and authorization support for Azure Files. With this feature, just like a traditional on-premises file server, you can domain join your storage account to your regular Active Directory domain and set file/folder ACLs on your file shares just like you expect! This preview release makes it seamless for Azure Files to work with existing Active Directory with no change in the client environment.
To learn more, please see our blog post here: https://azure.microsoft.com/blog/preview-of-active-directory-for-authentication-on-azure-file
Our public preview for Azure Files and AD DS is distinct from our existing support for Azure AD DS, which we will continue to support as generally available feature.
Please don’t hesitate to reach out to us if you have further questions about how to setup and deploy this feature or about other features. You can reach us at AzureFiles@microsoft.com.
Senior Program Manager, Azure Files
We need this feature to ensure that when an employee leaves, they no longer have access to storage accounts.
posted almost 2 years ago.... how is this not a priority ?
Without ACL for Azure fileshares I can't use this for any kind of solution really, which is a shame because it's almost there.
We are also using Azure Files with Azure RemoteApp and are in need of ACL support.
We are using Azure Files with Azure RemoteApp and we would really like to see ACL support so we can make better use of the storage without having to create individual storage accounts to isolate data
Vojtech Vit commented
+3. We need the same - but for Blob Service.
BJ Johnson commented
We are implementing azure file services for archiving data, we would like to be able to have AD integration or at least the ability for ACL's on the different shares within File Services storage
Simon Hudson commented
We were really hoping to be able to use Azure storage to replace file servers for several of our clients. To achieve this we need Active Directory integration, granular permission and the ability to migrate permissions from the existing file server to Azure file storage with the ability to remap the user identities in the process.
I.e. we may move some of the clients to a pure Azure Active Directory model where they no longer have an on premise identity, so the old identity will need to be mapped to the new one.
Please provide AD integration and ACL for Azure File Storage.
Pete Hall commented
Any news on this? Integration with Azure AD is a must
+1 This feature should be supported.
Shuhei Uda commented
We need you to permit ACL feature for Azure Storage (Blob, Table, Queue, Files).
Since Azure Storage does not have source IP filtering now, it is unusable to save confidential data. (ex. personal information, payment data, security data, etc.)
Azure Storage (Blob, Table, Queue, Files) でアクセス制限を可能にしてほしい。
Ingram Leedy commented
+1 yes yes yes
M. Willemsen commented
This would be great! Hope this will be implemented soon.
Teppei Ishii commented
without ACL and quota, Azure Files is only for someone who owns & administors Azure Storage account. This cannot be truely the enterprise capable solution.
Allow AzureAD User access and file permission control with the Storager > File Service > File Shares.
I want to map the file shares directly to end point systems but need to be able to set access permissions.
Jono Walker commented
I would also love this as we could move our EFSS from another provider
Xiaolin An commented
+1 for ACL and quota implementation
Peter Selch Dahl commented
Please see Advisors forum for feedback in regards to this feedback request. I PING Lavanya from the Azure Storage team. We really need this function now. Let's get up the votes!
+1 This will immensely help me remove my aging file server