I am desperately looking for a solution. Posting this question after wasting almost 4 days. We have a file storage application and we are using Azure File Share to manage the files. The file shared can be connect as a Drive in PC or VM using SMB 3.0 protocol. We are good in this stage. The problem is starting just after it.
Support we have a file shared named Our Projects. Inside of this file share lets have 3 project folders.
Project 1
Project 2
Project 3
We are using AD for user authentication. So, when a user attach a file share into own PC, expecting a solutions like that
User One have the access on Project 1 folder only
User Two have the access on Project 2 and Project 3 folders
After lot's of googling getting suggestions to do it using Azure AD Domain Service and VM. I have watched some tutorials on Azure File Share on Pluralist as well. But, I am not getting confident to active our expected solutions.
Looking for expert suggestions or what could be the best approach to achieve it?
Or is it really possible in azure, what I am expecting?
I really really looking for a good solutions from azure experts desperately.
I am new user in Azure Active Directory and Active Directory Domain Service. Please receive lot's of thanks in advance.
Please read here, https://learn.microsoft.com/en-ca/azure/storage/files/storage-files-active-directory-overview#ad-ds
You can either give users access through either Azure ad ds, or on-prem ad ds by making sure you have a hybrid environment with Azure ad connect so that your users are properly synced across.
After that, you create the Azure file share, then you can mount it and set directory level permissions in that share like you normally would with an on prem server.
https://learn.microsoft.com/en-ca/azure/storage/files/storage-files-active-directory-overview#configure-directory-or-file-level-permissions-for-azure-files
Related
Our platform is UiPath Cloud Orchestrator with DEV/Test/Prod tenants. The Robots are hosted on Azure Windows instances for DEV / Test / Prod.
I created an UiPath App to upload an Excel file, store it in a storage bucket, then start a unattended process to read the excel file.
The UiPath app points and binds to the storage bucket and process in the DEV tenant.
I would like to deploy and migrate the UiPath app to point to the Test Tenant. It seems like that to point to Test, I have to change the app in the app studio to switch the pointers/bindings for the process and storage bucket and replace them and change or confirm the UI elements are correct.
Does anyone know if there is a better way to do migrate the app to another tenant for the UiPath apps?
It does not seem right to have to change the pointers this way. It only just allows us to point to one tenant at a time so hard to really have DEV/Test/Prod instances of the Uipath app without having copies of the app for each tenant.
I can export the app (.uiapp file) and import the file across Cloud platforms but not across the tenants without changing the name of the app. The .uiapp file seems to be a json format with the bindings in the file with specific ids etc. Changing the pointers and bindings here would be error prone as well.
I have looked through the documentation, the uipath academy training and the forums which do not provide an answer.
Appreciate the insight!
As your using the Azure Host, I'm assuming that you might be using the Azure DevOps for your packaging and publishing.
Have a look at the package below:
https://marketplace.visualstudio.com/items?itemName=uipath.vsts-uipath-package
You can set the Tenancy level so that it's packaged for that specific tenant, can create any assets etc.
I have created a file share by using azure file share and the drive is mounted in my windows 10 client . but when i am trying to add someone else i am getting an error " Make sure the pc is azure domain joined "
I need help is solving this . please share any article or steps to grant the permissions to other users in Ad to access these file shares in Azure
Regards
Abhay
To do this your PC must be a member of the Azure AD domain. See : https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-domain-service-enable
After global overview about Windows Azure platform i still have some questions in my mind i would like you to kindly answer. Hope it will be also usefull for some people besides me.
One of my application uses sql server db for text data and second db which is just simply images db (folder structure own db) where
images are stored and by using ftp my aplication can download/upload
there. The question is: a) If i would go azure does "sql azure" is
place where can i place my sql server db? b) What about my folder
structure database - is there some place on azure storage i could put
my folders containing images and configure ftp to it? I heard about
BLOBS but can i ftp to it?
Is there possibility to place Windows forms application to Azure that it could work as remote application which specific users could
access instead of installing on every client machine?
Regarding Worker role - is there possibility to just simply move Windows service application to azure as worker role or there are some
things which has to be rebuilt to work in azure?
If i would go azure does "sql azure" is place where can i place my sql
server db.
You could definitely use SQL Azure to host your SQL database. Other alternative would be to use a SQL Server inside a Virtual Machine.
What about my folder structure database - is there some place on azure
storage i could put my folders containing images and configure ftp to
it? I heard about BLOBS but can i ftp to it?
Blobs is definitely the place to store files and folders though they don't support FTP. However there are many storage explorers available (both free and paid), using which you can upload files and folders from your local computer into Azure Blob Storage. Another alternative would be Azure File Storage.
Is there possibility to place Windows forms application to Azure that
it could work as remote application which specific users could access
instead of installing on every client machine?
Yes, it is possible. Please look into Azure Remote App Service.
Regarding Worker role - is there possibility to just simply move
Windows service application to azure as worker role or there are some
things which has to be rebuilt to work in azure?
You can't deploy a Windows Service application as is into a Worker role. You have to tweak your code a bit. Other alternatives that you may want to look into is hosting your Windows Service in a Virtual Machine (to the best of my knowledge, it should be without any code changes) or converting your Windows Service into a WebJob.
In addition to everything that Gaurav mentions and as he alludes to, you can also investigate Azure Files. You can mount file shares from any onprem application. Since Azure Files supports the SMB protocol, you can use standard file system API to interact with it.
https://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-files.
Is DirSync a must for AD FS hosted on Azure Virtual Machines?
I keep reading Azure solution with DirSync. Is it absolutely impossible to federate directly without syncing active directory.
I am looking to implement Federated Web SSO on Azure, it would be a huge set back having to sync client Active Directories.
Yes, you will need DirSync for AD FS to function properly with Azure. What's the setback, specifically? The only real caveat I can find is a 300,000 object limit, not sure if that's per domain but it seems they're open to lifting the limit if you contact support.
If it's the setup you're concerned about, it's pretty basic. You will likely need clients to provision a VM, but that's not crazy talk or anything. Here's a few (short) TechNet articles to walk you through it:
Prepare for directory synchronization
Active directory synchronization
Install or upgrade the Directory Sync tool
Synchronize your directories
I work for a network management company and I want to write a .Net application (MVC 4) that will allow us to service Active Directory users from a cloud-based application.
As I have never written a cloud-based app, I don't know if I'm using that term correctly or not. I am in the requirements gathering stage. Basically, I'd like to provide our customers with the ability, for example, to change their own password using our cloud-based application.
is this an application that should be written specifically using Azure? If not, what tools and platform(s) should I take into consideration?
What tutorials or other resources are available ?
Actually, I don't even know enough about Active Directory and Cloud computing to ask the right questions. But, I hope someone will point me in the right direction
Read How to Authenticate Web Users with Windows Azure Active Directory Access Control. There are great walk-throughs there. There is more reading and code samples here - Access Control Service 2.0.
That's using ACS.
You could go direct to Azure Active Directory if you wished?
Refer: Adding Sign-On to Your Web Application Using Windows Azure AD.
If you use Office 365, you already have an AAD tenant.