Azure Files
- Roger Cruz
Intro
My notes on Azure Files: file shares in the cloud that are accessible via the Server Message Block (SMB) protocol.
Documentation
Tips and Tidbits
Azure Files uses a pay-as-you-go business model for standard file shares.
The amount you pay is determined by how much you actually use, rather than based on a provisioned amount.
Pay a cost for the amount of data stored on disk, and then an additional set of transactions based on your usage of that data.
Azure Files uses a provisioned model for premium file shares.
You proactively specify to the Azure Files service what your storage requirements are, rather than being billed based on what you use.
Ensure port 445 is open: The SMB protocol requires TCP port 445 to be open; connections will fail if port 445 is blocked.
Azure Files supports identity-based authentication over Server Message Block (SMB) through two types of Domain Services:
on-premises Active Directory Domain Services (AD DS) and
Azure Active Directory Domain Services (Azure AD DS).
To enable Azure AD DS authentication over SMB for Azure Files, you can set a property on storage accounts.
Setting this property implicitly "domain joins" the storage account with the associated Azure AD DS deployment.
Azure AD DS authentication over SMB is then enabled for all new and existing file shares in the storage account.
Enable Azure Active Directory Domain Services authentication on Azure Files
Follow this great video on redirecting an on-prem file share to Azure Files. You will learn about storage private endpoints, Kerberos, DNS configuration, DFS-N and more.
Connecting To An Azure File
Azure Storage file share mapping uses the storage account name and one of two storage account keys as the equivalents of user name and password, respectively in order to gain access to the target share.
From the Azure File, click Connect to get:
$connectTestResult = Test-NetConnection -ComputerName rogercruzaz303.file.core.windows.net -Port 445
if ($connectTestResult.TcpTestSucceeded) {
# Save the password so the drive will persist on reboot
cmd.exe /C "cmdkey /add:`"rogercruzaz303.file.core.windows.net`" /user:`"Azure\rogercruzaz303`" /pass:`"6g7CZorwvuAsKvfTAnHVJIjWIjTBbAgTGJMavlNRgMHAaO66WZVoYuXcFycmXLww==`""
# Mount the drive
New-PSDrive -Name Z -PSProvider FileSystem -Root "\\rogercruzaz303.file.core.windows.net\az30306a-share" -Persist
} else {
Write-Error -Message "Unable to reach the Azure storage account via port 445. Check to make sure your organization or ISP is not blocking port 445, or use Azure P2S VPN, Azure S2S VPN, or Express Route to tunnel SMB traffic over a different port."
}
If you delete the storage account/fileshare BEFORE disconnecting the drive from Windows, it will be a nightmare to remove the mapped drive. After many hours of research, this is the only method that worked for me
Source: Mapped drives “stuck” on Windows 7 after disconnecting them..solutions?
According to this site user Zach H's method, I went to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\ ,right-click on the drive mapping key (the "ghost" drive, if Z: is mapped to \\Server\folder then it
would appear as ##Server#folder), deleted it ,and then restarted explorer.exe and the disconnected drive disappeared.
Import Large Number Of Files
Use the Azure Import/Export service to securely import large amounts of data into Azure Files.
To import data, the service requires you to ship supported disk drives containing your data to an Azure datacenter.
Tutorial: Transfer data to Azure Files with Azure Import/Export
Install Azure Import/Export version 2 tool.
Modify the dataset.csv file in the root folder where the tool is.
Depending on whether you want to import a file or folder or both, add entries in the dataset.csv file.
Modify the driveset.csv file in the root folder where the tool is.
The driveset file has the list of disks and corresponding drive letters so that the tool can correctly pick the list of disks to be prepared