@Michał Gębala Welcome t Microsoft Q&A Forum, Thank you for posting your query here!
For better understanding the scenario: As I understand instead of Using AADDS or ADDS, you want to use Azure AD for the authorization right?
If so we are working on this feature(Azure Files AAD authentication is in Private Preview), we have it in our pipeline. presently I don't have any ETA now. Get the latest updates on Azure products and features to meet your cloud investment needs. Subscribe to notifications to stay informed through Azure updates
Currently there are only 2 ways to configure an Azure Files share:
• Active Directory Domain Services Overview | Microsoft Learn
o Requires machines to be joined to the on premises domain. Most cases they would be Azure hybrid join.
• Overview of Azure Active Directory Domain Services | Microsoft Learn
o Requires the machine to be joined to the Azure AD Domain Services domain.
If a machine (either VM or physical machine) is joined to Azure AD, they would not be able to use either of these methods.
Additional information:
Supported scenarios and restrictions:
- AD DS Identities used for Azure Files on-premises AD DS authentication must be synced to Azure AD or use a default share-level permission. Password hash synchronization is optional.
- Supports Azure file shares managed by Azure File Sync.
- Supports Kerberos authentication with AD with AES 256 encryption (recommended) and RC4-HMAC. AES 128 Kerberos encryption is not yet supported.
- Supports single sign-on experience.
- Only supported on clients running on OS versions newer than Windows 7 or Windows Server 2008 R2.
- Only supported against the AD forest that the storage account is registered to. You can only access Azure file shares with the AD DS credentials from a single forest by default. If you need to access your Azure file share from a different forest, make sure that you have the proper forest trust configured, see the FAQ for details.
- Does not support authentication against computer accounts created in AD DS.
- Does not support authentication against Network File System (NFS) file shares.
- When you enable AD DS for Azure file shares over SMB, your AD DS-joined machines can mount Azure file shares using your existing AD DS credentials. This capability can be enabled with an AD DS environment hosted either in on-prem machines or hosted in Azure.
We strongly recommend you to review the How it works section to select the right domain service for authentication. The setup is different depending on the domain service you choose. These series of articles focus on enabling and configuring on-premises AD DS for authentication with Azure file shares.
If you are new to Azure file shares, we recommend reading our planning guide before reading the following series of articles.
Please let us know if you have any further queries. I’m happy to assist you further.
----------
Please do not forget to and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.