Matthieu Thomas
asked on
Azure Active Directory Domain Service / Mount SMB File Share
Hello,
Is it possible to mount an SMB file share using NFS right on a machine that is not domain joined?
Mat
ASKER
Sorry I was not clear.
Actually I would like to mount an SMB Share which is on Azure using Azure AD Domain Service for authentication.
I can't figure out if it is possible to map the Azure drive using "Connect using different credential" on an on-premises non-domain-joined machine.
The doc on MS https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-domain-service-enable only refers to domain joined machines.
Mat
If I understand this correctly, you won't be able to? The article appears to be referring to Azure domain joined machines, not on-prem machines. Your AzureAD would need a path to get to the on-prem machine. That's going to be the issue.
If there is an available path, then it should be possible. The authentication mechanisms are similar enough between a domain authentication and a local authentication. When you authenticate to the local machine, you send the credentials to the local security manager (lsass) instead of the domain. You would supply the credentials as <machinename>\accountname. The machinename becomes the domain.
In the AzureAD situation, the machine is reaching out to Azure to initiate the authentication, and I don't *think* there is a path in the other direction. (I'm not an Azure expert by any stretch). As a sort of example - when you run Citrix Cloud, you install a Cloud Connector service on premises, so you can authenticate to the on-prem resources. I don't think AzureAD has anything like that? The main thing is the "client" in this situation must have access to initiate the connection to the "server".
I'd say just try it :-)
Coralon
You can potentially add an NFS share to the same directory.
Coralon