Our project is to get rid of our ON-PREMISE NAS for file share and to move everything to AZURE FILE SHARE.
Also we have more and more external users and with the covid everyone is working from home.
For the moment we are using VPN + ONPREMISE MAPPING.
The project is to use AZURE FILE SHARE DIRECT MAPPING OVER SMB 3.1.1 and get rid of the VPN.
Everything works well for ON PREMISE USERS but EXTERNAL USERS can't connect because the need a validation from an AD CONTROLLER.
How bad it is to make the AD controller over public ip ? Which port shall I open ?