Share via

Identity-based access continually reverts to "Unconfigured" in Azure Files. Why?

Tony Reynolds 0 Reputation points
2025-02-17T15:59:38.6733333+00:00

I have an Azure Storage account and in that account I have a File Share where I'm trying to enable "Identity-based access" using Entra Domain Services. However, every time I enable Entra DS on the File share the setting shows "Configured" for a few minutes and then switches back to "Unconfigured". There are no errors. It just flips back to "Unconfigured". I have checked my Entra DS configuration in Entra ID and everything looks good there. I'm just sure why setting this seems to work, but then it reverts back after a few minutes. Anyone seen this who can offer some advice?

Here are screenshots of the procedure:

First, as you can see, "Identity-based access" is not configured.
User's image

I click on where it says "Not configured" and then choose "Entra Domain Services" and check the "Enable Microsoft Entra Domain Services..." checkbox and click "Save".
User's image

Back at the 'Overview' screen for my Azure File Share I now see that it shows "Configured". That is great and should allow me to mount that file share to a Windows Server VM that I have in this environment and set file/folder level permissions.

User's image

Except that within a few minutes, it switches back to "Unconfigured". No error messages. No clues as to why it switched back.
User's image

I've set this setting many times and it always flips back. I've checked my VERY basic Entra Domain Services configuration but don't seen anything wrong. Has anyone seen this before? If so, how did you fix it?

Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
1,366 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Keshavulu Dasari 3,380 Reputation points Microsoft Vendor
    2025-02-17T18:11:08.1066667+00:00

    Hi Tony Reynolds,

    To address the issue of "Identity-based access" reverting to "Unconfigured" in your Azure File Share please Verify Entra DS Configuration ensure that Microsoft Entra Domain Services is correctly configured on the Microsoft Entra tenant associated with your subscription. Sometimes, the issue can occur if Entra DS is not properly set up on the tenant.

    Confirm that you have the necessary permissions to enable identity-based access. Insufficient permissions can cause the setting to revert Utilize the AzFileDiagnostics tool to detect any incompatible client configurations that might be causing the issue. This tool can provide prescriptive guidance on how to fix the problem.

    Execute the Debug-AzStorageAccountAuth cmdlet to perform basic checks on your Active Directory configuration. This can help identify any issues with your AD setup.

    If you are using the Azure portal to make the changes, try using other methods such as CLI, PowerShell, or REST API to see if the issue persists. Ensure that there are active tenants with the tenant ID in your Microsoft Entra tenant. Sometimes, the issue can occur if the tenant is not active or properly configured.

    For more information:
    https://learn.microsoft.com/en-us/troubleshoot/azure/azure-storage/files/security/files-troubleshoot-smb-authentication?tabs=azure-portal

    Your contribution is highly appreciated. Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.  
    User's image          

    If you have any other questions or are still running into more issues, let me know in the "comments" and I would be happy to help you

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.