We created an Azure Storage File Share and are trying to set up Identity-based authentication. We followed the GitHub sample for this that is available here: Azure Files Samples on GitHub
We were able to successfully run the following command to set up a user account corresponding to the storage account.
Join-AzStorageAccountForAuth `
-ResourceGroupName $ResourceGroupName `
-Name $StorageAccountName `
-DomainAccountType "ServiceLogonAccount" `
-OrganizationalUnitDistinguishedName "ou-distinguishedname-here"
After this, we mounted the Storage Account via Storage access keys and assigned the NTFS permissions on the file share. We also ensured that the SMB related contributor permission is also assigned on the File Share in the Storage Account in the Azure portal.
When we try to mount the file share we are getting prompted for the credentials and it is not connecting. We are trying to use the below command to try and connect:
net use Y: \\storageAccountName.file.core.windows.net\testShare
We ensured that we are trying these steps from a domain-joined computer with a domain user. The on-prem AD is connected to Azure AD via AD Connect that runs every 30 minutes. We ensured that this domain user is part of the AD groups that were assigned access on the File share in the Azure portal and also NTFS permissions on the share itself. The storage account has the Private Endpoint enabled and to reduce complexity, we are testing using the IP address that is assigned to the storage account.
Why is the command still asking for the credentials and not connecting to the File share? Anything we could be missing?
