Azure Files Active Directory (AD) authentication is now in preview. This feature means you will be able to mount your Azure Files using AD credentials with the access control experience you already use on-premises.
Some key benefits:
- You can use an Active Directory domain service either on-premises or on Azure for authenticating user access to Azure Files on all tiers. If your Active Directory identities are synced to Azure AD, you simply manage the share level file permission through standard role-based access control.
- When migrating file servers to the cloud, it is common to move the data and preserve the existing Active Directory set-up. Now Azure Files can work with the existing Active Directory with no change in the client environment. You can even carry over all existing NTFS DACLs that have been configured on the directories and files.
- Azure Files is now more functional as the storage solution for Virtual Desktop Infrastructure user profiles. Use Azure Files as the user profile storage so when a user logs into the session, only the authenticated user’s profile is loaded.
You can learn more about this on the Microsoft announcement page, where there is also a video to walk you through the end-to-end setup: https://azure.microsoft.com/en-us/blog/preview-of-active-directory-for-authentication-on-azure-file/