Security has always been a big focus point for Microsoft. Lately, the tech giant made a lot of changes to its cloud computing platform.
Starting with Azure Security Center for IoT, getting through Azure Security Lab, and now focusing on Azure Files, security was the main goal.
Azure Files is getting new security features
That’s why Microsoft just released a new set of security features to enhance the access control experience in Azure Files.
The first of these new security features is Azure Active Directory Domain Service (Azure AD DS) that has authentication support for Server Message Block (SMB) access.
Here’s how Microsoft describes Azure AD DS on their blog:
New changes brought to general availability
The next feature was first showcased at Ignite 2018, but back then it needed a command line tool named “icacls” that wasn’t easily discoverable or consistent with user behaviour.
By integrating Azure AD DS, you can mount your Azure file share over SMB using Azure Active Directory (Azure AD) credentials from Azure AD DS domain joined Windows virtual machines (VMs) with NTFS access control lists (ACLs) enforced.
Now, viewing or modifying the permissions on a file or folder with Windows File Explorer has been massively improved. Once again, permission assignments for Azure Files is available and easier than ever.
Finally, to simplify share level access management, three new built-in role-based access controls were added. The built-in controls are Storage File Data SMB Share Elevated Contributor, Contributor, and Reader.
You’ll no longer have to create custom roles because you can use the built-in ones to grant share-level permissions for SMB access to Azure Files.
And that’s not all, because the Azure team is already working on some new things:
So keep an eye out for new features and services in the future.
Supporting authentication with Azure Active Directory Domain Services is most useful for application lift and shift scenarios, but Azure Files can help with moving all on-premises file shares, regardless of whether they are providing storage for an application or for end users. Our team is working to extend authentication support to Windows Server Active Directory hosted on-premises or in the cloud.
If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.
Still having issues? Fix them with this tool:
SPONSORED
- Azuremicrosoftsecurity
Email *
Commenting as . Not you?
Comment
