Warning: Undefined variable $file in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php on line 14

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637

Warning: Cannot modify header information - headers already sent by (output started at /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-content/plugins/fix-my-feed-rss-repair/rss-feed-fixr.php:14) in /customers/a/e/3/tunecom.be/httpd.www/stg_ba12f/wp-includes/rest-api/class-wp-rest-server.php on line 1637
{"id":617,"date":"2020-02-28T07:22:43","date_gmt":"2020-02-28T07:22:43","guid":{"rendered":"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617"},"modified":"2020-02-28T07:24:04","modified_gmt":"2020-02-28T07:24:04","slug":"moving-your-data-to-a-serverless-infrastructure-with-azure-files-and-active-directory-authentication-preview","status":"publish","type":"post","link":"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617","title":{"rendered":"Moving your data to a serverless infrastructure with Azure Files and Active Directory Authentication (Preview)"},"content":{"rendered":"\n<p>A couple of days ago, Microsoft announced the public preview of Windows Server Active Directory authentication \/ integration for Azure Files. Make sure to check-out the <a rel=\"noreferrer noopener\" aria-label=\"introduction video (opens in a new tab)\" href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/preview-of-active-directory-for-authentication-on-azure-file\/\" target=\"_blank\">introduction video<\/a> by <a rel=\"noreferrer noopener\" aria-label=\"Will Gries (opens in a new tab)\" href=\"https:\/\/www.linkedin.com\/in\/williamgries\/\" target=\"_blank\">Will Gries<\/a> (Senior Program Manager) and <a rel=\"noreferrer noopener\" aria-label=\"Thomas Maurer (opens in a new tab)\" href=\"https:\/\/www.thomasmaurer.ch\/\" target=\"_blank\">Thomas Maurer<\/a> (Senior Cloud Advocate)<br><br>This is probably one of the most requested feature releases since the ability to create file shares on Azure Storage.<br>In the recent past, Microsoft enabled Active Directory Authentication and setting ACLs coming from their Azure AD Domain Services solution.<\/p>\n\n\n\n<p>Now it&#8217;s time to integrate this with our existing Windows Server Active Directory Infrastructure<\/p>\n\n\n\n<h3>Long story\nshort<\/h3>\n\n\n\n<p>We are now able to set NTFS permissions and ACLs based on our existing Windows Server AD on an Azure Fileshare. This blogpost takes you through the necessary steps to <strong>automate <\/strong>the <strong>process <\/strong>shown below.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter is-resized\"><img loading=\"lazy\" src=\"https:\/\/docs.microsoft.com\/en-us\/azure\/storage\/files\/media\/storage-files-active-directory-domain-services-enable\/diagram-files-ad.png\" alt=\"Files AD workflow diagram\" width=\"553\" height=\"244\"\/><\/figure><\/div>\n\n\n\n<h3>Now the long(er) story ?<\/h3>\n\n\n\n<p>Before we can activate all of this, we have a couple of prerequisites:<\/p>\n\n\n\n<h4 class=\"has-very-dark-gray-color has-text-color\"><strong>1. Windows Server Active Directory needs to be synchronized with Azure Active Directory<\/strong><\/h4>\n\n\n\n<h4 class=\"has-very-dark-gray-color has-text-color\"><strong>2. You need an Azure Storage account with an Azure File share which is NOT located in one of the following regions.<\/strong><\/h4>\n\n\n\n<ul><li> West US<\/li><li> West US 2<\/li><li> East US<\/li><li> East US 2<\/li><li> West Europe<\/li><li> North Europe<\/li><\/ul>\n\n\n\n<h6> ! Run the following script if you like to create a new storage account<\/h6>\n\n\n\n<p>Background info: Change the initial variables to meet your environment needs, I have chosen France Central as a region to deploy our Storage Account.<\/p>\n\n\n\n<p>Download the script <a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/1._create_az_storage_account.ps1_-1.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"here (opens in a new tab)\">here<\/a>, or copy paste the scriptblock below. After running the script you&#8217;ll see that new or additional file shares have been created.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" width=\"1140\" height=\"320\" src=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-16.png\" alt=\"\" class=\"wp-image-672\" srcset=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-16.png 1140w, https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-16-300x84.png 300w\" sizes=\"(max-width: 1140px) 100vw, 1140px\" \/><figcaption>Azure Files<\/figcaption><\/figure><\/div>\n\n\n\n<h5><a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/1._create_az_storage_account.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Powershell Script (opens in a new tab)\">Powershell Script<\/a><\/h5>\n\n\n<pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\n########################\n#\n# Name: Azure Files Create Storage Account\n# Author: Yannick Dils\n# Version: v0.1\n#\n########################\n\nWrite-Host &quot;Let's get started&quot; -ForegroundColor Magenta\nSleep 3\n\n########################\n#\n# Install or import the required modules\n#\n########################\n\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name Az.Accounts  -RequiredVersion 1.6.4 -Force&quot; -WindowStyle Hidden\nImport-Module Az.Accounts\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name Az.Resources  -RequiredVersion 1.11.0 -Force&quot; -WindowStyle Hidden\nImport-Module Az.Resources\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name Az.Storage  -RequiredVersion 1.11.0 -Force&quot; -WindowStyle Hidden\nImport-Module Az.Storage\n\n########################\n#\n# Create Naming Convention + Location and Name Variables\n#\n########################\n\nWrite-Host &quot;Step 1 : Let's define some variables and naming conventions`n&quot; -ForegroundColor Cyan\n\nWrite-Host &quot;Enter a 3 letter word abbreviation for your customer or project (example: tuc, vdc) : &quot; -ForegroundColor Yellow -NoNewline\n$Cus = Read-Host\nWrite-Host &quot;Enter a 3 letter word abbreviation for your environment (example: hub, prd, tst, dev, acc) : &quot; -ForegroundColor Yellow -NoNewline\n$Env = Read-host\n$FullLocation = &quot;France Central&quot;\n$NamingConv = &quot;st&quot; + &quot;lrs&quot; + $Cus + &quot;frc&quot; + $Env + &quot;file&quot;\n$SAFILE = $NamingConv\n$RGDATA = $Cus + &quot;-hub-storage-rg&quot;\nWrite-Host &quot;Enter a name for your fileshare (example: fileserver, profiles,..) : &quot; -ForegroundColor Yellow -NoNewline\n$FileShareName = Read-host\n\n\nWrite-Host &quot;`nStep 2 : Based on the naming convention provided in the script, the following has been identitfied:`n&quot; -ForegroundColor Cyan\nWrite-Host &quot;Location : $FullLocation&quot;  -ForegroundColor Green\nWrite-Host &quot;Storage Account Name : $SAFILE&quot; -ForegroundColor Green\nWrite-Host &quot;Fileshare Name : $FileShareName&quot; -ForegroundColor Green\n\nWrite-Host &quot;Resource Group Name : $RGDATA&quot; -ForegroundColor Green\n\n\n########################\n#\n# Login to Az Account\n#\n########################\n\nWrite-Host &quot;`nStep 3 : Before we continue, we need to log you into your Azure Account&quot; -ForegroundColor Cyan\n\nLogin-AzAccount\n\n########################\n#\n# Select the Azure Subscription where you want to create your storage account\n#\n########################\n\n$Subscriptions = Get-AzSubscription\nWrite-Host &quot;Step 4 : These are your available subscriptions`n&quot; -ForegroundColor Cyan\nWrite-host $Subscriptions.Name -ForegroundColor Cyan -BackgroundColor Black\n\nWrite-Host &quot;`nStep 5 : Enter the subscription name : &quot; -ForegroundColor Yellow -NoNewline\n$SubscriptionName = Read-host\nSelect-AzSubscription -Subscription $SubscriptionName\n\n\n\n########################\n#\n# Verify if an existing resource group exists with the name in variable $RGDATa, create a new one if not\n#\n########################\n\n\n$RG = Get-AzResourceGroup -Name $RGDATA -ErrorAction SilentlyContinue\n\nIf ($RG)\n        {\n        Write-Host &quot;Step 6 : A Resource Group already exists with the name $RGDATA, no need to create one&quot; -ForegroundColor Cyan\n        }\nElse\n        {\n        Write-Host &quot;Step 6 : A Resource Group is created with the name $RGDATA&quot; -ForegroundColor Cyan\n        New-AzResourceGroup -Name $RGDATA -Location $FullLocation\n        }\n\n########################\n#\n# Create a new Storage Account located in the $FullLocation region based on the input variables\n#\n########################\n\n$SA = Get-AzStorageAccount -ResourceGroupName $RGDATA -Name $SAFILE.ToLower() -ErrorAction SilentlyContinue\n$StorageShare = Get-AzStorageShare -Name $FileShareName -Context $sa.Context -ErrorAction SilentlyContinue\n\nIf ($SA)\n        {\n        Write-Host &quot;Step 7 : A Storage Account already exists with the name $SAFILE, no need to create one&quot; -ForegroundColor Cyan\n\n        If ($StorageShare)\n                {\n                Write-Host &quot;Step 8 : A File Share already exists with the name $FileShareName, no need to create one&quot; -ForegroundColor Cyan\n                }\n        Else\n                {\n                Write-Host &quot;Step 8 : A File Share is created with the name $FileShareName&quot; -ForegroundColor Cyan\n                New-AzStorageShare -Name $FileShareName -Context $SA.Context\n                }\n\n\n\n\n        }\nElse\n        {\n        Write-Host &quot;Step 7 : A Storage Account is created with the name $SAFILE&quot; -ForegroundColor Cyan\n        New-AzStorageAccount -ResourceGroupName $RGDATA -Name $SAFILE.ToLower() -Kind StorageV2 -SkuName Standard_LRS -Location $FullLocation -AccessTier Hot\n        Write-Host &quot;Step 8 : A File Share is created with the name $FileShareName&quot; -ForegroundColor Cyan\n        $ctx = Get-AzStorageAccount -ResourceGroupName $RGDATa -Name $SAFILE\n        New-AzStorageShare -Name $FileShareName -Context $ctx.Context\n\n         }\n\nWrite-Host &quot;End of script&quot; -ForegroundColor Magenta\n\n\n########################\n#\n# End of script\n#\n########################\n\nSLeep 5\n<\/pre>\n\n\n<h4 class=\"has-very-dark-gray-color has-text-color\"> <strong>3. You need to join your Azure Storage account to the domain<\/strong><\/h4>\n\n\n\n<p>Since it&#8217;s still in public preview, you need to perform a couple of manual steps in order to join your Azure Storage account to your Windows Server Active Directory Domain. Looking at Azure AD Domain Services, this is an additional switch \/ parameters you need to provide in order to allow Azure AD DS authentication. I assume that the product team will try to provide the same type of deployment feature with regards to joining your traditional active directory domain.<\/p>\n\n\n\n<p>The following <a rel=\"noreferrer noopener\" aria-label=\"link  (opens in a new tab)\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/storage\/files\/storage-files-identity-auth-active-directory-enable\" target=\"_blank\">link <\/a>provides you a step by step guide in how to perform the required steps to join your domain. So feel free to read through it. <strong>But wait!<\/strong><\/p>\n\n\n\n<p>I&#8217;ve taken the opportunity to <strong>automate <\/strong>the necessary steps and put it in the following script. <strong><em>Note: Make sure to run it from a domain joined machine or directly on your domain controller.<\/em><\/strong><\/p>\n\n\n\n<p>Download the script <a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/2._azure_files_domain_join.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"here (opens in a new tab)\">here<\/a>, or copy paste the scriptblock below. After running the script your Azure Storage Account will be joined to the domain, this is how it could look like.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" width=\"721\" height=\"44\" src=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-15.png\" alt=\"\" class=\"wp-image-659\" srcset=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-15.png 721w, https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-15-300x18.png 300w\" sizes=\"(max-width: 721px) 100vw, 721px\" \/><figcaption>Computer Account Object<\/figcaption><\/figure><\/div>\n\n\n\n<h5><a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/2._azure_files_domain_join.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Powershell Script (opens in a new tab)\">Powershell Script<\/a><\/h5>\n\n\n<pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\n########################\n#\n# Name: Azure Files Domain Join Script\n# Author: Yannick Dils\n# Version: v0.1\n#\n########################\n\nWrite-Host &quot;Let's get started&quot; -ForegroundColor Cyan\nSleep 3\n\n########################\n#\n# Install or import the required modules\n#\n########################\n\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name Az.Accounts  -RequiredVersion 1.6.4 -Force&quot; -WindowStyle Hidden\nImport-Module Az.Accounts\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name Az.Resources  -RequiredVersion 1.11.0 -Force&quot; -WindowStyle Hidden\nImport-Module Az.Resources\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name Az.Storage  -RequiredVersion 1.11.0 -Force&quot; -WindowStyle Hidden\nImport-Module Az.Storage\nstart-process powershell \u2013verb runAs -ArgumentList &quot;Install-Module -Name ActiveDirectory -Force&quot; -WindowStyle Hidden\nImport-Module ActiveDirectory\n\n\n########################\n#\n# Change the execution policy to unblock importing AzFilesHybrid.psm1 module\n#\n########################\n\nSet-ExecutionPolicy -ExecutionPolicy Unrestricted -Scope Currentuser -Force -ErrorAction SilentlyContinue\n\n########################\n#\n# Download The AzFilesHybird powershell modules\n#\n########################\n\nWrite-Host &quot;Step 1 : We will now download the Azure Files Hybrid powershell modules into a C:\\Temp directory&quot; -ForegroundColor Cyan\n\n\n$DownloadLink = &quot;https:\/\/github.com\/Azure-Samples\/azure-files-samples\/releases\/download\/AzFilesHybrid-0.1.0.0\/AzFilesHybrid.zip&quot;\n$TempDir = &quot;C:\\Temp&quot;\n$Output = &quot;C:\\Temp\\AzFilesHybrid.zip&quot;\n$Path = Test-Path $TempDir\n\nIf ($Path -eq $true)\n    {\n    Write-Host &quot;Step 2 : The C:\\Temp path already exists, no need to create one&quot; -ForegroundColor Cyan\n    }\nElse\n    {\n    Write-host &quot;Step 2 : We are creating a temp directory C:\\Temp&quot; -ForegroundColor Cyan\n    $DontShow = mkdir $TempDir\n\n    }\n\n\n(New-Object System.Net.WebClient).DownloadFile($DownloadLink, $output)\n\n########################\n#\n# Navigate to where AzFilesHybrid is unzipped and stored and run to copy the files into your path\n#\n########################\n\ncd $TempDir\nExpand-Archive -LiteralPath $Output -DestinationPath $TempDir -Force\n.\\CopyToPSPath.ps1 \n\n########################\n#\n# Import AzFilesHybrid module\n#\n########################\n\n\nImport-Module -name AzFilesHybrid\n\n\n########################\n#\n# Login with an Azure AD credential that has either storage account owner or contributer RBAC assignment\n#\n########################\n\nWrite-Host &quot;Step 3 : Let's connect to our Azure Subscriptions&quot; -ForegroundColor Cyan\nSleep 3\nConnect-AzAccount\n\n########################\n#\n# Select the Azure Subscription where your Storage Account is located\n#\n########################\n\n$Subscriptions = Get-AzSubscription\nWrite-Host &quot;Step 4 : These are your available subscriptions&quot; -ForegroundColor Cyan\nWrite-host $Subscriptions.Name -ForegroundColor Cyan -BackgroundColor Black\n\nWrite-Host &quot;Step 5 : Enter the subscription name : &quot; -ForegroundColor Yellow -NoNewline\n$SubscriptionName = Read-host\nSelect-AzSubscription -Subscription $SubscriptionName\n\n########################\n#\n# Retrieve your current Windows Server Active Directory Domain Details\n#\n########################\n\n\n$domaindetails = Get-ADDomain\n#Register the target storage account with your active directory environment under the target OU\n$Domain = $domaindetails.DNSRoot\n\n\n########################\n#\n# Retrieve your Resource Groups and Storage Accounts located in your Azure Subscription\n#\n########################\n\n#############\n#\n# Resource Groups\n#\n#############\n\n$ResourceGroups = Get-AzResourceGroup | Select ResourceGroupName\nWrite-Host &quot;Step 6 : These are the available resource groups: &quot; -ForegroundColor Cyan\nForeach ($RG in $ResourceGroups)\n    {\n    Write-Host $RG.ResourceGroupName -ForegroundColor Cyan -BackgroundColor Black\n    }\nWrite-Host &quot;Step 7 : Enter the resource group name, where your Azure Files storage account is located: &quot; -ForegroundColor Yellow -NoNewline\n$ResourceGroup = Read-host \n\n#############\n#\n# Storage Accounts\n#\n#############\n\n\n$StorageAccounts = Get-AzStorageAccount -ResourceGroupName $ResourceGroup\n\nWrite-Host &quot;Step 8 : These are the available storage accounts : &quot; -ForegroundColor Cyan\n\nForeach ($SA in $StorageAccounts)\n        {\n        Write-Host $SA.StorageAccountName -ForegroundColor Cyan -BackgroundColor Black\n        }\nWrite-Host &quot;Step 9 : Enter the storage account name, where your Azure Files share is located: &quot; -ForegroundColor Yellow -NoNewline\n$StorageAccount = Read-host\n\n########################\n#\n# Create or use an Organizational Unit where our Azure Files storage account will be located\n#\n########################\n$AzureFilesOUName = &quot;AzureFiles&quot;\n\nWrite-Host &quot;Step 10 : We now want to join the Azure File Storage Accounts to the domain in an OU called $AzureFilesOUName&quot; -ForegroundColor Cyan\n\n\n$OU = Get-ADOrganizationalUnit -Filter 'Name -like $AzureFilesOUName'\nIf ($OU)\n        {Write-Host &quot;Step 11 : The AzureFiles OU Already Exists, no need to create one&quot; -ForegroundColor Cyan}\nElse\n        {\n        Write-Host &quot;Step 11 : The OU needs to be created, we will now create a new OU called $AzureFilesOUName&quot; -ForegroundColor Cyan\n        $AzureFilesOU = New-ADOrganizationalUnit -Name $AzureFilesOUName\n        }\n\n########################\n#\n# Join the storage account into the domain, located in the required organizational unit\n#\n########################\n\nJoin-AzStorageAccountForAuth -ResourceGroupName $ResourceGroup -StorageAccountName $StorageAccount -Domain $Domain -DomainAccountType ComputerAccount -OrganizationalUnitName &quot;Servers&quot;\n\n########################\n#\n# Verify Domain Join\n#\n########################\n\n$azurefiles = Get-AzStorageAccount -ResourceGroupName $ResourceGroup -Name $StorageAccount\n\n$ADService = $azurefiles.AzureFilesIdentityBasedAuth.DirectoryServiceOptions\n\nWrite-Host &quot;Step 12 : Let us now verify if the directory service is ok&quot; -ForegroundColor Cyan\nSleep 5\n\nIf ($ADService -eq &quot;AD&quot;)\n        {\n        Write-host &quot;Step 13 : All OK&quot; -ForegroundColor Green\n        }\nElse\n        {\n        Write-host &quot;Step 13 : Something went wrong ;)&quot; -ForegroundColor Red\n        }\n\n\nWrite-Host &quot;Step 14 : Let us now verify if the directory authentication is ok&quot; -ForegroundColor Cyan\nSleep 5\n\n$ADInfo = $azurefiles.AzureFilesIdentityBasedAuth.ActiveDirectoryProperties\n\nIf ($ADInfo.DomainName -eq $Domain)\n        {\n        Write-host &quot;Step 15 : All OK&quot; -ForegroundColor Green\n        }\nElse\n        {\n        Write-host &quot;Step 15 : Something went wrong ;)&quot; -ForegroundColor Red\n        }\n\nWrite-host &quot;End of script&quot; -ForegroundColor Cyan\nSleep 5\n\n########################\n#\n# End of script\n#\n########################\n\n<\/pre>\n\n\n<h4 class=\"has-very-dark-gray-color has-text-color\">  4<strong>. Assign the required roles to your security principals.<\/strong><\/h4>\n\n\n\n<p>Now that we have our storage account joined to the domain. We need to assign the right set of role based access controls on the Azure File Share level.<\/p>\n\n\n\n<p>3 built-in roles can be identified to set access to the Azure File Share:<\/p>\n\n\n\n<ul><li>Storage File Data SMB Share Reader allows <strong>read <\/strong>access in Azure Storage file shares over SMB. <\/li><li>Storage File Data SMB Share Contributor allows <strong>read<\/strong>, <strong>write<\/strong>, and <strong>delete <\/strong>access in Azure Storage file shares over SMB.  <\/li><li>Storage File Data SMB Share Elevated Contributor allows <strong>read<\/strong>, <strong>write<\/strong>,  <strong>delete <\/strong>and <strong>modify <\/strong>permissions in Azure Storage file shares over SMB <\/li><\/ul>\n\n\n\n<p>The following script can assist you in setting the right set of permissions for a certain security principal. Note: The security principal must be entered in a UPN format (username@corp.something)<\/p>\n\n\n\n<p>Download the script <a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/3._azure_file_permissions.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"here (opens in a new tab)\">here<\/a>, or copy paste the scriptblock below. After  running the script you will be able to mount the Azure File share in the context of the security principal. <\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" width=\"844\" height=\"80\" src=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-18.png\" alt=\"\" class=\"wp-image-691\" srcset=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-18.png 844w, https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-18-300x28.png 300w\" sizes=\"(max-width: 844px) 100vw, 844px\" \/><\/figure><\/div>\n\n\n\n<h5><a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/3._azure_file_permissions.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Powershell Script (opens in a new tab)\">Powershell Script<\/a><\/h5>\n\n\n<pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\n########################\n#\n# Name: Azure Files RBAC\n# Author: Yannick Dils\n# Version: v0.1\n#\n########################\n\n\nWrite-Host &quot;Let's get started&quot; -ForegroundColor Cyan\nSleep 3\n\n########################\n#\n# Set General Variables and Naming Conventions\n#\n########################\n\nWrite-Host &quot;Step 1 : Let's define some variables and naming conventions&quot; -ForegroundColor Cyan\n\nWrite-Host &quot;Enter a 3 letter word abbreviation for your customer or project (example: tuc, vdc) : &quot; -ForegroundColor Yellow -NoNewline\n$Cus = Read-Host\nWrite-Host &quot;Enter a 3 letter word abbreviation for your environment (example: hub, prd, tst, dev, acc) : &quot; -ForegroundColor Yellow -NoNewline\n$Env = Read-host\n$FullLocation = &quot;France Central&quot;\n$NamingConv = &quot;st&quot; + &quot;lrs&quot; + $Cus + &quot;frc&quot; + $Env + &quot;file&quot;\n$SAFILE = $NamingConv\n$RGDATA = $Cus + &quot;-hub-storage-rg&quot;\nWrite-Host &quot;Enter a name for your fileshare (example: fileserver, profiles,..) : &quot; -ForegroundColor Yellow -NoNewline\n$FileShareName = Read-host\n\n\n\n########################\n#\n# Set the names of the Azure Files Roles into Variables\n#\n########################\n\nWrite-Host &quot;Step 2 : Let's store the Azure File Storage Roles into variables for later use&quot; -ForegroundColor Cyan\n\n\n$Reader = &quot;Storage File Data SMB Share Reader&quot; # R permissions\n$Contributor = &quot;Storage File Data SMB Share Contributor&quot; # R W D permissions\n$ElevatedContributor =&quot;Storage File Data SMB Share Elevated Contributor&quot; # R W D M permissions\n\n########################\n#\n# Enter the specific group in UPN format and store them into variables\n#\n########################\n\nWrite-Host &quot;Step 3 : Enter the security principal that needs to receive the required access controls (UPN format required):`n&quot; -ForegroundColor Cyan\nWrite-Host &quot;Read Group = Storage File Data SMB Share Reader # R permissions&quot; -ForegroundColor Green\nWrite-Host &quot;Contributor Group = Storage File Data SMB Share Contributor # R W D permissions&quot; -ForegroundColor Green\nWrite-Host &quot;ElevatedContributor = Storage File Data SMB Share Elevated Contributor # R W D M permissions`n&quot; -ForegroundColor green\n\nWrite-Host &quot;Enter the Reader Security Principal UPN Name : (Leave empty if not required) :&quot; -ForegroundColor Yellow -NoNewline\n$ReadGroup = Read-Host\nWrite-Host &quot;Enter the Contributor Security Principal UPN name : (Leave empty if not required) :&quot; -ForegroundColor Yellow -NoNewline\n$ContributorGroup = Read-Host\nWrite-Host &quot;Elevated Contributor Security Principal UPN name : (Leave empty if not required) :&quot; -ForegroundColor Yellow -NoNewline\n$ElevatedContributorGroup = Read-host\n\n########################\n#\n# Set the scope onto our subscription and specific  Azure File Share\n#\n########################\n\nWrite-Host &quot;`nStep 4 : Let's set our subscription scope`n&quot; -ForegroundColor Cyan\nLogin-AzAccount\n$Subscriptions = Get-AzSubscription\nWrite-Host &quot;Step 5 : These are your available subscriptions`n&quot; -ForegroundColor Cyan\nWrite-host $Subscriptions.Name -ForegroundColor Cyan -BackgroundColor Black\n\nWrite-Host &quot;`nStep 6 : Enter the subscription name : &quot; -ForegroundColor Yellow -NoNewline\n$SubscriptionName = Read-host\nSelect-AzSubscription -Subscription $SubscriptionName\n$Subscription = Get-AzSubscription -SubscriptionName $SubscriptionName\n\n$SubScriptionID = $Subscription.SubscriptionId\n\n\n$scope = &quot;\/subscriptions\/$subscriptionID\/resourceGroups\/$RGDATA\/providers\/Microsoft.Storage\/storageAccounts\/$SAFILE\/fileServices\/default\/fileshares\/$fileShareName&quot;\n\n########################\n#\n# Let's assign the role to the specified security principal and scope\n#\n########################\n\n##########\n#\n#  Reader Group\n#\n##########\n\nIf($ReadGroup -eq &quot;&quot;)\n        {\n        Write-Host &quot;You haven't entered any Reader Group, we will skip this role assignment for now&quot; -ForegroundColor Yellow\n        }\nelse\n        {\n        Write-Host &quot;We are now verifying the  Reader Group role assignment for Security Principal $ReadGroup&quot; -ForegroundColor Cyan\n        $RoleAssignment = Get-AzRoleAssignment -SignInName $ReadGroup -RoleDefinitionName $Reader -Scope $scope -ErrorAction SilentlyContinue\n\n        If ($RoleAssignment)\n                {\n                Write-host &quot;The role assignment already exists, we don't need to add the specific assignment&quot; -ForegroundColor Cyan\n                }\n        else\n                {\n                Write-Host &quot;The role assignment is being created&quot; -ForegroundColor Cyan\n                New-AzRoleAssignment -SignInName $ReadGroup -RoleDefinitionName $Reader -Scope $scope\n                }\n\n        }\n\n\n\n\n##########\n#\n#  Contributor Group\n#\n##########\n\n\nIf($ContributorGroup -eq &quot;&quot;)\n        {\n        Write-Host &quot;You haven't entered any Contributor Group, we will skip this role assignment for now&quot; -ForegroundColor Yellow\n        }\nelse\n        {\n        Write-Host &quot;We are now verifying the  Contributor Group role assignment for Security Principal $ContributorGroup&quot; -ForegroundColor Cyan\n        $RoleAssignment = Get-AzRoleAssignment -SignInName $ContributorGroup -RoleDefinitionName $Contributor -Scope $scope -ErrorAction SilentlyContinue\n\n        If ($RoleAssignment)\n                {\n                Write-host &quot;The role assignment already exists, we don't need to add the specific assignment&quot; -ForegroundColor Cyan\n                }\n        else\n                {\n                Write-Host &quot;The role assignment is being created&quot; -ForegroundColor Cyan\n                New-AzRoleAssignment -SignInName $ContributorGroup -RoleDefinitionName $Contributor -Scope $scope\n                }\n\n        }\n\n\n\n##########\n#\n# Elevated Contributor Group\n#\n##########\n\nIf($ElevatedContributorGroup -eq &quot;&quot;)\n        {\n        Write-Host &quot;You haven't entered any Elevated Contributor Group, we will skip this role assignment for now&quot; -ForegroundColor Yellow\n        }\nelse\n        {\n        Write-Host &quot;We are now verifying the Elevated Contributor Group role assignment for Security Principal $ElevatedContributorGroup&quot; -ForegroundColor Cyan\n        $RoleAssignment = Get-AzRoleAssignment -SignInName $ElevatedContributorGroup -RoleDefinitionName $ElevatedContributor -Scope $scope -ErrorAction SilentlyContinue \n\n        If ($RoleAssignment)\n                {\n                Write-host &quot;The role assignment already exists, we don't need to add the specific assignment&quot; -ForegroundColor Cyan\n                }\n        else\n                {\n                Write-Host &quot;The role assignment is being created&quot; -ForegroundColor Cyan\n                New-AzRoleAssignment -SignInName $ElevatedContributorGroup -RoleDefinitionName $ElevatedContributor -Scope $scope\n                }\n\n        }\n\n\n   #Get-AzRoleAssignment -scope $scope\n\n   Write-Host &quot;`nEnd of Script&quot; -ForegroundColor Cyan \n\n   Sleep 5\n<\/pre>\n\n\n<h4 class=\"has-very-dark-gray-color has-text-color\"><strong>  5. Mount the Azure File Share with elevated privileges and start configuring NTFS permissions.<\/strong><\/h4>\n\n\n\n<p>In the previous section we&#8217;ve set the share level permissions, as with traditional file server installations or implementations, we would set an additional layer of security, called NTFS permissions.<\/p>\n\n\n\n<p>By mounting the Azure File share together with storage access key you we are elevating our privileges, allowing us to set fine grained ACLs.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" width=\"1138\" height=\"341\" src=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-17.png\" alt=\"\" class=\"wp-image-684\" srcset=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-17.png 1138w, https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/image-17-300x90.png 300w\" sizes=\"(max-width: 1138px) 100vw, 1138px\" \/><\/figure>\n\n\n\n<p>The following script will automatically mount the drive-letter you choose based on the Access Keys of your storage account<\/p>\n\n\n\n<p>Download the script <a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/4._mount_azure_files.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"here  (opens in a new tab)\">here <\/a>or copy the scriptblock below. <\/p>\n\n\n\n<h5><a href=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/4._mount_azure_files.ps1_.zip\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Powershell Script (opens in a new tab)\">Powershell Script<\/a><\/h5>\n\n\n<pre class=\"brush: powershell; title: ; notranslate\" title=\"\">\n########################\n#\n# Name: Mount Azure File Share\n# Author: Yannick Dils\n# Version: v0.1\n#\n########################\n\nWrite-Host &quot;Let's get started&quot; -ForegroundColor Cyan\nSleep 3\n\n########################\n#\n# Create Naming Convention + Location and Name Variables\n#\n########################\n\n\nWrite-Host &quot;Step 1 : Let's define some variables and naming conventions`n&quot; -ForegroundColor Cyan\n\nWrite-Host &quot;Enter a 3 letter word abbreviation for your customer or project (example: tuc, vdc) : &quot; -ForegroundColor Yellow -NoNewline\n$Cus = Read-Host\nWrite-Host &quot;Enter a 3 letter word abbreviation for your environment (example: hub, prd, tst, dev, acc) : &quot; -ForegroundColor Yellow -NoNewline\n$Env = Read-host\n$FullLocation = &quot;France Central&quot;\n$NamingConv = &quot;st&quot; + &quot;lrs&quot; + $Cus + &quot;frc&quot; + $Env + &quot;file&quot;\n$SAFILE = $NamingConv\n$RGDATA = $Cus + &quot;-hub-storage-rg&quot;\nWrite-Host &quot;Enter a name for your fileshare (example: fileserver, profiles,..) : &quot; -ForegroundColor Yellow -NoNewline\n$FileShareName = Read-host\nWrite-Host &quot;Enter a driveletter for your fileshare (example: F, G, P..) : &quot; -ForegroundColor Yellow -NoNewline\n$DriveLetter = Read-Host\n\n\n########################\n#\n# Login with an Azure AD credential that has either storage account owner or contributer RBAC assignment\n#\n########################\n\nWrite-Host &quot;Step 2 : Let's connect to our Azure Subscriptions&quot; -ForegroundColor Cyan\nSleep 3\nConnect-AzAccount\n\n########################\n#\n# Select the Azure Subscription where your Storage Account is located\n#\n########################\n\n$Subscriptions = Get-AzSubscription\nWrite-Host &quot;Step 3 : These are your available subscriptions&quot; -ForegroundColor Cyan\nWrite-host $Subscriptions.Name -ForegroundColor Cyan -BackgroundColor Black\n\nWrite-Host &quot;`nEnter the subscription name : &quot; -ForegroundColor Yellow -NoNewline\n$SubscriptionName = Read-host\nSelect-AzSubscription -Subscription $SubscriptionName\n\n########################\n#\n# Retrieve the Storage Account Details and Access Tokens\n#\n########################\n\nWrite-Host &quot;Step 4 : We are now retrieving the storage account details and access tokens&quot; -ForegroundColor Cyan\n\n$storageAccount = Get-AzStorageAccount -ResourceGroupName $RGDATA -Name $SAFILE\n$storageAccountKeys = Get-AzStorageAccountKey -ResourceGroupName $RGDATA -Name $SAFILE\n\n########################\n#\n# Retrieve the FileShare Details\n#\n########################\n\nWrite-Host &quot;Step 5 : We are now retrieving the file share details&quot; -ForegroundColor Cyan\n\n\n$fileShare = Get-AzStorageShare -Context $storageAccount.Context | Where-Object { \n    $_.Name -eq $fileShareName -and $_.IsSnapshot -eq $false\n}\n\nif ($fileShare -eq $null) {\n    throw [System.Exception]::new(&quot;Azure file share not found&quot;)\n}\n\n########################\n#\n# Mount the Azure File Storage\n#\n########################\n\nWrite-Host &quot;Step 6 : Your file share is being mounted&quot; -ForegroundColor Cyan\n\n\n$password = ConvertTo-SecureString -String $storageAccountKeys[0].Value -AsPlainText -Force\n$credential = New-Object System.Management.Automation.PSCredential -ArgumentList &quot;AZURE\\$($storageAccount.StorageAccountName)&quot;, $password\nNew-PSDrive -Name $DriveLetter -PSProvider FileSystem -Root &quot;\\\\$($fileShare.StorageUri.PrimaryUri.Host)\\$($fileShare.Name)&quot; -Credential $credential -Persist\n\nWrite-Host &quot;Step 7 : Let's open up our file share in an explorer window&quot; -ForegroundColor Cyan\n\n$path = $DriveLetter + &quot;:\\&quot; \nInvoke-Item $path\n\nWrite-Host &quot;`nEnd of script&quot; -ForegroundColor Cyan\nSleep 5\n\n########################\n#\n# End of script\n#\n########################\n<\/pre>\n\n\n<h4> <strong>6. Next Steps<\/strong><\/h4>\n\n\n\n<p>Next steps could be defined as the following<\/p>\n\n\n\n<ul><li>Configure a private endpoint on the storage account to secure connectivity within your virtual networks<\/li><li>Setup Azure Filesync to start migrating your data<\/li><li>Create a new DFS namespace to allow easier translation of common names<\/li><\/ul>\n\n\n\n<p>Feel free to comment or provide additional insights on the scripts and documentation provided. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>A couple of days ago, Microsoft announced the public preview of Windows Server Active Directory authentication \/ integration for Azure Files. Make sure to check-out the introduction video by Will Gries (Senior Program Manager) and Thomas Maurer (Senior Cloud Advocate) This is probably one of the most requested [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":706,"comment_status":"open","ping_status":"open","sticky":true,"template":"","format":"standard","meta":[],"categories":[31,30,20,32,23,34],"tags":[52,25,49,53,50,51],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v15.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Moving your data to a serverless infrastructure with Azure Files and Active Directory Authentication (Preview) - Tunecom<\/title>\n<meta name=\"description\" content=\"Get started with Native Active Directory authentication for Azure Files with a couple of scripts. And start moving your fileserver to serverless files.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Moving your data to a serverless infrastructure with Azure Files and Active Directory Authentication (Preview) - Tunecom\" \/>\n<meta property=\"og:description\" content=\"Get started with Native Active Directory authentication for Azure Files with a couple of scripts. And start moving your fileserver to serverless files.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617\" \/>\n<meta property=\"og:site_name\" content=\"Tunecom\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-28T07:22:43+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-02-28T07:24:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/azurefiles.png\" \/>\n\t<meta property=\"og:image:width\" content=\"846\" \/>\n\t<meta property=\"og:image:height\" content=\"591\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Estimated reading time\">\n\t<meta name=\"twitter:data1\" content=\"14 minutes\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#organization\",\"name\":\"Tunecom\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#logo\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2019\/09\/Original-on-Transparent-1.png\",\"width\":5000,\"height\":1749,\"caption\":\"Tunecom\"},\"image\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#website\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/\",\"name\":\"Tunecom Consulting\",\"description\":\"Get in tune with your digital transformation journey\",\"publisher\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-GB\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#primaryimage\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/wp-content\/uploads\/2020\/02\/azurefiles.png\",\"width\":846,\"height\":591,\"caption\":\"azurefiles\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#webpage\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617\",\"name\":\"Moving your data to a serverless infrastructure with Azure Files and Active Directory Authentication (Preview) - Tunecom\",\"isPartOf\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#primaryimage\"},\"datePublished\":\"2020-02-28T07:22:43+00:00\",\"dateModified\":\"2020-02-28T07:24:04+00:00\",\"description\":\"Get started with Native Active Directory authentication for Azure Files with a couple of scripts. And start moving your fileserver to serverless files.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"position\":2,\"item\":{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617\",\"url\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617\",\"name\":\"Moving your data to a serverless infrastructure with Azure Files and Active Directory Authentication (Preview)\"}}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#webpage\"},\"author\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#\/schema\/person\/339cfa79b82ddc2200b535651b955a7d\"},\"headline\":\"Moving your data to a serverless infrastructure with Azure Files and Active Directory Authentication (Preview)\",\"datePublished\":\"2020-02-28T07:22:43+00:00\",\"dateModified\":\"2020-02-28T07:24:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#webpage\"},\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#primaryimage\"},\"keywords\":\"activedirectory,Azure,azurefiles,serverless,storageaccounts,windowsserver\",\"articleSection\":\"Azure Files,Azure Storage,Cloud,Identity,Virtual Datacenter Concept,Windows Server AD\",\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.tunecom.be\/stg_ba12f\/?p=617#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#\/schema\/person\/339cfa79b82ddc2200b535651b955a7d\",\"name\":\"admin.yannickd\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.tunecom.be\/stg_ba12f\/#personlogo\",\"inLanguage\":\"en-GB\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f73a5ebb65b1c97d5ef7bfe49bd04e1d?s=96&d=mm&r=g\",\"caption\":\"admin.yannickd\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/posts\/617"}],"collection":[{"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=617"}],"version-history":[{"count":92,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/posts\/617\/revisions"}],"predecessor-version":[{"id":720,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/posts\/617\/revisions\/720"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=\/wp\/v2\/media\/706"}],"wp:attachment":[{"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tunecom.be\/stg_ba12f\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}