I'm trying to access on-prem resources (file share on a file server) via Azure, but I'm stuck and don't know how to continue.
On Prem: 1 Domain Controller and 1 File Server (Server 2019 Std). Both are joined to a local domain. The DC runs Azure AD Connect for sync.
Client: Laptop running Windows 10, joined to the Azure AD. Is in a different network.
Goal: Laptop should access the file share.
For sure I just could use a VPN or smth, but I'm trying to learn a bit Azure.
I'm referring to the following Microsoft Website: https://learn.microsoft.com/en-us/microsoft-365/business/access-resources
"You can also allow access to on-premises resources like line of business (LOB) apps, file shares, and printers. To allow access, use Azure AD Connect to synchronize your on-premises Active Directory with Azure Active Directory."
I dont think those are related at all. Network path must exist between your laptop and the file share. And the Azure AD Connect can help you with authentication\authorization, not with establishing the network connection. You should use VPN to establish network connectivity and you can use Azure AD Connect to sync identities to be able to use the same identity to access resources in the cloud\on-premises
Related
I'm deploying my first VM in azure but I can only connect from Azure Joined devices, and I have some external users without company laptops that need to connect,
To increase the security, I'm deploying access control with MFA for this machine.
Thanks.
I have a requirement to create and save file from web application hosted in Azure App Service (ASE, Linux) to Network share on-premise. Network share already exists and is being written to by applications which I don't have control over. App Service is blocking ports so I can't write to network share directly. Assuming Azure to On premise connection is configured correctly what options do I have?
I have an on-premises Windows Server and Azure File Storage.
From my Windows Server, I want to use "Map network drive" to map the Azure file storage folder to a drive letter.
There is an 'Express route' between my company's intranet and Azure.
I know how to do this within Azure Windows VM. I am struggling to get mapping done from on-Prem server.
First of all, you need to ensure that you have port 445 opened for the SMB protocol to work. This is easier in Azure VM but tough to get approval from any corporate IT security team. If you are through with this, this post on Microsoft Docs gives you required details.
I am using Azure AD to test SSO for a customer, and it appears that I have to download AD Connect. I am on a Mac, but intend to test in a Windows 10, MS AD VM in Azure. How do I incorporate AD Connect into my VM when my Mac won't open the download file?
AD Connect is required in order to sync directory information between on-prem AD and AAD. You can (but might violate security best practices) run AD Connect on the Domain Controller itself. Once setup, users will sync between your on-prem environment and AAD. You can then test SSO.
I'm not sure where you got the requirement that AD Connect needs to be installed on your mac. It doesn't, it just needs to be installed on a windows server with access to the domain as well as internet access to sync with AAD.
Given the recent updates to Windows Azure I am wondering if it is possible to create a domain controller and file server on Azure, then connect 10 to 20 remote workers using Azure Connect to this "virtual office".
My primary interest is whether or not a domain controller can exist in the cloud and service desktops with Active Directory as they roam. This would eliminate the need for an onprem server for a small business. Active Directory would be used for desktop logins and group policies, and potentially to authenticate a hosted file server, sharepoint instance, etc.
I see a lot of posts about domain controllers servicing offices over a VPN, and replicated azure domain controllers to onprem domain controllers, but nothing about whether a domain controller can run in the cloud and service roaming desktops (presumably with azure connect).
I am excited and ready for someone to tell me it's not possible. LOL
Yes this is possible, there are 2 tutorials that can help you with this:
The first one will help you setup a virtual network: Create a Virtual Network for Cross-Premises Connectivity
The second one will help you to install a new AD Forest in Windows Azure: Install a new Active Directory forest in Windows Azure