Implement An Azure Information SMB Entry On-Premises With Personal Endpoints
Azure information share SMB Entry with on-premises Home windows AD authentication lets you entry file shares in Azure with NTFS entry management. By default, that entry gained’t lengthen to an on-prem community over VPN or Specific Route. On this article, I train easy methods to lengthen entry to Azure Information share with Home windows AD to an on-premises community utilizing Personal Endpoints.
- Lively Listing Area Companies in On-prem
- On-prem to Azure connectivity through VPN S2S
- Azure storage account
- Azure Personal Endpoint
That is my area controller from On-prem
Click on right here Create An Storage Account In Azure (c-sharpcorner.com) to create the storage account
In your storage account create on a file share and make it SMB elevated contributor
Implement a Personal Endpoint for the azure storage account
Choose storage your account and create Personal Endpoint Networking>Personal endpoint connection
Following the suitable steps.
Within the useful resource tab Choose file and Subsequent.
Following the steps for the demo function, I’ve stored the non-public IP dynamic. If you need you’ll be able to change it.
I will use the default DNS identify for the demo function.
Simply evaluation + create
Lastly created my non-public endpoint efficiently
Be aware: When I attempt to resolve through identify however nonetheless resolved by Public IP
Implement DNS host document for storage account in DNS server
Open the DNS server and Choose Ahead Lookup Zones
Click on Subsequent to create
Choose zone and Subsequent
Copy the privatelink.file.core.home windows.web
Previous on the Zone Identify
Efficiently created my Ahead lookup zone
Create a New Host document in your non-public hyperlink zone
The host document identify must be your storage account identify in my case I shanukastorage and IP tackle which you created a personal endpoint for storage. and Add Host
Efficiently created my Host document.
Lastly, my DNS Identify decision is working nice, and You possibly can take a look at through nslookup cmdlet
Efficiently identify resolved by non-public IP
If you wish to mount the azure file share drive to your domain-joined laptop utilizing AD credentials you are able to do it.
This text taught us easy methods to Implement Azure file share with built-in on-prem AD authentication. And if in case you have any questions do not hesitate to get in contact with me.