How to Enable Azure AD DS Authentication for your Azure file shares

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello hi everyone this is sandeep predi in this video i'm gonna walk you through in confirming azure file share with ad domain services integration and at the same time we will discuss about how to assign the share level permissions to ad users like typically how you do it in your own premises file share implementation so let me go through a few microsoft documents here it was explaining you how to integrate your storage account with active directory domain services and what are the prerequisites for this implementation and here you can see in azure we have three inbuilt roles for granting share level access to the users and here we have reader contributor and elevated contributor permissions for assembly share reader you will have just read access on the particular storage account and assembly share contributor will have read write and delete access an smb share elevated contributor will have a read write delete and at the same time he will have access to modify all the permissions to the users and the file shares and let's go back to the azure portal and let's see how we can create the storage account and how can we integrate with azure active directory domain services so yeah i already have active directory domain services in my portal so here you can see uh this is already registered domain and we have few users for this domain so you can see here sav one user one and user two already i've created this users and i'm using it and now i'm going to use this users for integrating with my storage account so let's create one storage account and let's see how can we achieve this so i'm going to creating one new storage account so i'm going to take one new source group as well and i'm going to name it as a file server this name should be unique and i'm going to create in my region southeast asia and i don't want something like juve redundancy or high ability so i'm going with local redundancy storage yeah public yeah it's fine yeah that's it i'm going to create a storage account it will take a couple of minutes to create the storage account it looks like it's created so let's go back to the storage account and create one file share so you can see here we have file view here just click on this i'm going to name it as like file share one and i'm giving something like around 100 gb so it's created now so in order to access this file just we need to click on connect so that we'll get all the login details for this file share so now here it is showing all my details something like what is my storage account and what is the username and what is the password so this is typically a normal file share now what we are going to do is we are going to integrate this storage account with my active directory so now just go back here so this is my storage account in order to provide access for your active directory so just go back to the configurations and here you can see the option like azure active directory domain services so by default it will be disabled so if you want to integrate with your dc so just click on enable and just click on save that's it by this uh your storage account is going to join your active directory domain services i think successfully it's completed so let's check whether it is reflected in our storage account and file share this is my file share just click on connect so now you can see some difference right we don't have any username or password or something like to access this file sheet so directly you can access this file share on your uh any one of the admission which is joined to that domain or any one of the normal machine which is joined to the domain so now what i'm going to do just i'm copying this link so this we are going to use this link for accessing your file share uh at the same time i have one machine here only this mission is a part of the domain so you can see it here from the predator cloud this is mission of of why am i doing okay let's access it here whether we are able to uh access the file share in my one of the dc mission so it's that we are not able to access it why because we didn't give the permissions for this file share for a particular [Music] user yeah let's try to create the permissions for him yeah already we have discussed right we have three permissions here like assembly reader contributor and elevated contributor so uh let me give a contributor role to him so that he can have read write and delete or let me give yeah it's okay we'll leave a contributor role so now you can see here we have three roles like elevator contributor contributor and reader so i'm going to give him like contributor and sell the user here the username is sap so let me cross check whether i am using this amp user or not yeah i'm using this app user that looks like we have the permission so now you can see it here assembly files your contributor we are going for sap user and let's try to connect it so it looks like some the issue let me cross check it so you forgot to add our permissions for storage account i think i've added for the file share button added the storage account so let me add the file share permissions for storage account so this is my storage account let's go to higher i'm going to add contributor role for snap1 user and let's try without is it going to work or not let's add it let's go back to my mission file share so that's working fine yeah that was a mistake we update we have added uh permissions in the storage account so after adding the storage account uh we are able to access it so let's create some files here so so let's save it yeah and let's go back to our file here and we'll see whether it's reflecting in here yeah that's reflecting here the same way you can add everything like i'm going to add one for folder here folder one so i've created let's go back and check it there yeah it's created here so this is a way you can integrate your file share with your active directory domain services
Info
Channel: Sandeep Azure Cloud
Views: 3,745
Rating: undefined out of 5
Keywords:
Id: D5w6Xtv_y0s
Channel Id: undefined
Length: 9min 57sec (597 seconds)
Published: Wed Nov 11 2020
Related Videos
Azure Files AD Authentication Integration
John Savill's Technical Training
13K
Deploy Azure AD Domain Service and Join a Server to the Domain
Travis Roberts
53K
Azure Point-to-Site VPN with Certificate Based Authentication
Travis Roberts
24K
How to replace an on-premises file server with Azure file shares
Microsoft Azure
29K
How To Setup Azure File Sync From Nothing in 20 Minutes Flat
URTechDotCa
25K
5- Azure AD Connect Sync : Duplicate Identities troubleshooting Scenario-1 : IT Admin Series
ITCents
2.6K
API Authentication with OAuth using Azure AD
Azure Power Lunch
5.7K
Settings Up Azure Active Directory Domain Services
MasterVisualStudio
154K
Azure AD - #2 - AzureAD Connect
Azure Academy
66K
Implement Windows Virtual Desktop using Azure AD Domain service and Azure file storage.
Ingram Micro Cloud ANZ
9.8K
Azure Files SMB Access with Windows AD
Travis Roberts
34K
Run Selenium Test on MS Azure Pipeline || Azure Cloud
Naveen AutomationLabs
34K
Azure Files Tutorial | Easy file shares in the cloud
Adam Marczak - Azure for Everyone
42K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.