@SenhorDolas Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.
AD authentication for Azure Files is a hybrid setup. Permission has to be granted at the share level (RBAC) and also at the NTFS (AD) level; we cannot override this and use only NTFS (AD). Is that what you are referring to?
If you have a traditional file server, in that case you will have full control over the share and all permissions go via on-prem AD.
Azure RBAC share-level permissions act as the high-level gatekeeper that determines whether a user can access the share, while the Windows ACLs operate at a more granular level to determine what operations the user can do at the directory or file level. Both share-level and file/directory-level permissions are enforced when a user attempts to access a file/directory, so if there is a difference between either of them, only the most restrictive one will be applied. For example, if a user has read/write access at the file level, but only read at the share level, then they can only read that file. The same would be true if it was reversed: if a user had read/write access at the share level, but only read at the file level, they can still only read the file.
For more information refer to this article: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-configure-permissions
Note: So both are needed and this is by design.
I assume your expectation is to use NTFS (AD)-only control; am I correct? If so, I would ask you to leave your feedback here. All the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
Additional information: You can refer to this thread on how RBAC works.
If you still face any difficulties, I would like to engage with you offline for a closer look and provide quick and specialized assistance. Please send an email with the subject line “Attn:subm” to AzCommunity[at]Microsoft[dot]com referencing this thread and the Azure subscription ID, and I will follow up with you. Once again, apologies for any inconvenience with this issue.
Thanks for your patience and co-operation.
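
The two-layer check described in the answer above, as an added example that is not part of the original post and is not Azure's implementation: it computes each user's effective access as the intersection of the share-level role and the NTFS ACL, and reports which layer is doing the restricting. The reduction of each built-in SMB share role to a coarse set of rights is a simplifying assumption, and the users and ACL summaries are constructed sample data.

```python
# Added example: a simplified model, not Azure's implementation.
# Assumption: each built-in SMB share role is reduced to a coarse set of rights.
SHARE_ROLE_RIGHTS = {
    None: frozenset(),  # no share-level role assigned
    "Storage File Data SMB Share Reader": frozenset({"read"}),
    "Storage File Data SMB Share Contributor":
        frozenset({"read", "write", "delete"}),
    "Storage File Data SMB Share Elevated Contributor":
        frozenset({"read", "write", "delete", "change_acl"}),
}

def effective_rights(share_role, ntfs_rights):
    """Both layers are enforced, so only rights granted by both survive."""
    return SHARE_ROLE_RIGHTS[share_role] & frozenset(ntfs_rights)

def audit(principals):
    """Return (user, effective rights, findings) per (user, role, ntfs) record."""
    report = []
    for user, share_role, ntfs_rights in principals:
        share, ntfs = SHARE_ROLE_RIGHTS[share_role], frozenset(ntfs_rights)
        findings = []
        if not share:
            findings.append("no share-level role: NTFS ACL alone grants nothing")
        else:
            if ntfs - share:
                findings.append("capped by share role: " + ", ".join(sorted(ntfs - share)))
            if share - ntfs:
                findings.append("capped by NTFS ACL: " + ", ".join(sorted(share - ntfs)))
        report.append((user, sorted(share & ntfs), findings or ["layers agree"]))
    return report

# Constructed sample data (hypothetical users and ACL summaries).
SAMPLE = [
    ("alice", "Storage File Data SMB Share Reader", {"read", "write"}),
    ("bob", "Storage File Data SMB Share Contributor", {"read"}),
    ("carol", None, {"read", "write", "delete"}),
    ("dave", "Storage File Data SMB Share Contributor", {"read", "write", "delete"}),
]

if __name__ == "__main__":
    for user, rights, findings in audit(SAMPLE):
        print(f"{user:6} effective={rights} -> {'; '.join(findings)}")
```

The `carol` record is the NTFS-only case raised in the question: with no share-level role, the NTFS ACL grants no effective access.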