[英]how to check if the azure storage account is domain joined? because need to access files share from the account as shared path from domain joined VM
I am not sure weather azure storage account is domain joined or not.我不确定 azure 存储帐户是否已加入域。 I want to access files from the azure file share storage as shared path without mounting this file share.
我想从 azure 文件共享存储访问文件作为共享路径,而不安装此文件共享。
• You can check if the storage account is domain joined or not by checking the on-premises ADDS environment for a computer account or a service logon account with User Principal Name/Service Principal Name as 'cifs/your-storage-account-name-here.file.core.windows.net' . • 您可以检查存储帐户是否已加入域,方法是检查计算机帐户或服务登录帐户的本地 ADDS 环境,用户主体名称/服务主体名称为“cifs/your-storage-account-name-”这里.file.core.windows.net' 。 For this purpose,
you should have 'ADUser.Read' permissions on the Active Directory environment or you should logon to the AD Users and Computers console with the ID who is a member of 'Domain Members' group
.为此,
you should have 'ADUser.Read' permissions on the Active Directory environment or you should logon to the AD Users and Computers console with the ID who is a member of 'Domain Members' group
。
• If you have 'Contributor' role access to Azure resources in your tenant, execute the below command in Azure cloud powershell to know detailed information regarding the storage account authentication with Active Directory . • 如果您对租户中的 Azure 资源具有“参与者”角色访问权限,请在 Azure 云 powershell 中执行以下命令,以了解有关使用 Active Directory 进行存储帐户身份验证的详细信息。
If the storage account is domain joined to an ADDS environment, then it will display accordingly
: - If the storage account is domain joined to an ADDS environment, then it will display accordingly
:-
Debug-AzStorageAccountAuth -StorageAccountName $StorageAccountName -ResourceGroupName $ResourceGroupName -Verbose
Also, to know whether the Azure files authentication for on-premises identities is enabled or not , kindly refer to the below documentation link.此外,要了解本地身份的 Azure 文件身份验证是否已启用,请参阅以下文档链接。 It describes a powershell script which shows the Active Directory service options for files share in your storage account : -
它描述了一个powershell 脚本,该脚本显示了存储帐户中文件共享的 Active Directory 服务选项:-
https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-enable#confirm-the-feature-is-enabled https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-enable#confirm-the-feature-is-enabled
Account is domain joined or not, can be checked from the Azure file share itself when we click the connect button it show authentication method as active directory enabled.帐户是否加入域,可以从 Azure 文件共享本身检查,当我们单击连接按钮时,它显示身份验证方法为启用活动目录。 and also we can check it from the overview of the account also.
我们也可以从帐户的概述中检查它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.