Mounting Azure File Share on on-prem linux VM using AD user

Rohit Athikari 116 Reputation points
2020-09-20T13:29:39.573+00:00

Hi,

My requirement is to migrate on-prem SMB shares to Azure File Share. I have a third party application that requires the SMB shares to be mounted on on-prem linux VM with a service account in on-prem AD that has permissions to backup the files(The application uses samba server to copy the data)

For this I have followed the below steps

  1. Synced on-prem AD with Azure AD using AD connect
  2. Enabled Active Directory Domain Services (AD DS) authentication on my storage account
  3. Assigned share-level permissions
  4. Configured directory and file level permissions over SMB

Now, i am able to mount the Azure File share on window's machine that is domain joined to on-prem AD using the service account. However, when i try to mount the same share on linux with the same user, i am getting permission denied.

[root@rohit30a-1 ~]$ mount -t cifs //xxxxx.file.core.windows.net/kmp-azshare1 /tmp/smb -o 'username=backupoperator,domain=komtest,password=xxxxx' -o vers=3.0,dir_mode=0777,file_mode=0777,serverino
mount error(13): Permission denied

I am able to mount the Azure File share on on-prem linux VM only using storage key, but with on-prem AD users, looks like samba server is not able to authenticate it.

Please let me know how can i access Azure File Shares on on-prem Linux VM's using on-prem AD users.

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,213 questions
0 comments
Accepted answer
  1. Sumarigo-MSFT 44,996 Reputation points Microsoft Employee
    2020-09-21T17:02:00.803+00:00

    @Rohit Athikari Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

    Does Azure AD DS or on-premises AD DS authentication for Azure file shares support Linux VMs? No, authentication from Linux VMs is not supported.
    For more information, please refer here

    If you wish you may leave your feedback here All the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.

    Hope this helps! Kindly let us know if the above helps or you need further assistance on this issue.

    -----------------------------------------------------------------------------------------------------------------------------------------------

    Please don’t forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest