question

SemaanRabih-6214 avatar image
0 Votes"
SemaanRabih-6214 asked SemaanRabih-6214 commented

Azure File Share AADS

Dears,

I have a general purpose V2 Storage account with File Share configured to authenticate with AADS, however when granting access as Share file reader or contributor or elevated contributor to a user federated in Azure AD, I am not able to map the drive however by using a .onmicrosoft.com account it works.
I am using public endpoint (By default)
What could be the issue.

The error is: incorrect username or password or requesting to put credentials again. ( Noting that the credentials are correct)

Thank you & Best Regards,

azure-files
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SumanthMarigowda-MSFT avatar image
0 Votes"
SumanthMarigowda-MSFT answered SemaanRabih-6214 commented

@SemaanRabih-6214 Firstly, apologies for the delay in responding here! Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

Firstly, Let me explain, How RBAC works in Azure Storage

Assign the Azure Storage Contributor role and check for the status.

After you assign share-level permissions with RBAC, you must assign proper NTFS permissions at the root, directory, or file level. Think of share-level permissions as the high-level gatekeeper that determines whether a user can access the share. Whereas NTFS permissions act at a more granular level to determine what operations the user can do at the directory or file level.

Azure Files supports the full set of NTFS basic and advanced permissions. You can view and configure NTFS permissions on directories and files in an Azure file share by mounting the share and then using Windows File Explorer or running the Windows icacls or Set-ACL command.

Please refer to this article, which provides the complete details of Azure File Share AADS with the access part

If the issue still persist, please share the screenshot of the issue. I would like to work closer on this issue


Please let us know if you have any further queries. I’m happy to assist you further.

Please do not forget to and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.




· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SemaanRabih-6214 avatar image SemaanRabih-6214 ·

Hello Sumarigo,

Thank you for the welcome.
In fact for the RBAC it is share reader access and contributor. When the user is federated which means from onprem synched to azure ad it does not work however when it is a user in the domain onmicrosoft.com it works. You can find below the screenshots.207672-tmp-f4af29ab-8b53-49d6-84ad thisbis when using federated user i have this error message. -96924bbbc312.jpg207634-tmp-567fdbfa-8ca5-4fc4-9789-5c95d5e96496.jpg


0 Votes 0 ·
tmp-f4af29ab-8b53-49d6-84ad-96924bbbc312.jpg (23.9 KiB)
tmp-567fdbfa-8ca5-4fc4-9789-5c95d5e96496.jpg (41.5 KiB)