This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(201.6, 89%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
We would like to make use of Azure Files but require the ability to set NTFS permissions against files/folders. As we do not have any AD Domain controller (ie: we're full Azure AD cloud) i have deployed Azure ADDS. All our users have M365 Business Premium licenses and their Win10 laptops are Azure AD Joined (all laptops are also enrolled into Intune). According to the documentation below, the prerequisites say:
To access a file share by using Azure AD credentials from a VM, your VM must be domain-joined to Azure AD DS.
Does this mean we can only use NTFS permissions with Azure Files if the client devices are AD joined rather than Azure AD Joined?
Any advise or feedback would be appreciated.
Yes it does, the devices need to be domain joined to the Azure AD DS service, but note below that the devices would also need to be Azure VMs themselves. This particular feature is really intended for an Azure hosted solution such as Azure Virtual Desktop.
Ah ok, that's disappointing.
Thanks for taking the time to clarify ;)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 87%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETC%3C/text%3E%3C/svg%3E)
Is it still true?
I understand that in order to use Azure Files with NTFS rights from Entra ID joined PCs, we need:
Right?
Thierry C.