Azure Files Service Gets Active Directory Domain Services Support
Microsoft this week announced a few milestones for its Azure Files cloud-based file share service.
The use of Active Directory Domain Services (ADDS) with the Azure Files service has reached the "general availability" stage, Microsoft announced on Thursday. It means the feature is deemed ready for use in production environments.
ADDS enables the synchronization of local Active Directory accounts with the Azure Active Directory service. It's helpful to use ADDS with the Azure Files service because it permits existing on-premises Windows access control lists (ACLs) to be used with the Azure Files service.
Once that's done, Azure Files will work like an on-premises file share, Microsoft suggested. The ADDS integration with Azure Files will help ease migrations of on-premises file shares to the cloud, Microsoft claimed:
As long as your on-premises servers or user laptops are domain-joined to AD DS, you can sync Active Directory to Azure AD, enable AD DS authentication on the storage account, and mount the file share directly. It makes the migration from on-premises to cloud extremely simple as the existing Windows ACLs can be seamlessly carried over to Azure Files and continue to be enforced for authorization.
Azure Files for VDI
Microsoft is also touting the use of the Azure Files service, introduced almost six years ago, for use with virtual desktop infrastructure (VDI) remote-access file storage scenarios. In such cases, using ADDS can simplify the setup, and enable single sign-on access by end users. Azure Files used with VDI permits storage to scale to meet demands as well.
Even though ADDS simplifies the setup under VDI scenarios, Microsoft has enlisted partners to help. For instance, "Citrix has partnered with Microsoft to provide day-one support for Azure Files as a certified storage solution for both User Profile Management and User Personalization Layer technologies," the announcement indicated.
Other Azure Files Enhancements
Microsoft also this week announced some other Azure Files enhancements, some of which are at the preview stage.
For instance, Microsoft is previewing an Azure Files soft delete feature, which functions "like a recycle bin for your file shares." IT pros can configure how long the soft-deleted snapshot data will be available for possible restoration before being permanently erased. Soft-deleted content first must be "undeleted" before it's able to be restored, Microsoft explained.
The soft delete preview is currently turned off for new and existing Azure Files accounts, but it'll be "enabled by default" for new accounts sometime "later this year." Microsoft added that "in the API, it will be on by default beginning January 1, 2021."
Microsoft also noted that it's possible to use the Azure Backup service to store Azure Files snapshots, which were defined as "read-only, point-in-time copies of your Azure file share." Azure Backup support for Azure Files reached the general availability stage back in April. Users can create Azure Backup policies for storing "weekly, monthly, and yearly snapshots." These snapshots can be retained on the Azure Backup service for "up to 10 years."
"The backup policy automatically takes care of pruning expired snapshots, allowing you to stay within the 200 snapshots limit per file share," Microsoft explained regarding Azure Backup's handling of snapshot data.
Microsoft's also noted that it working on expanding redundancy options for users of the Azure Files service.
"Geo-redundant (GRS) and geo-zone-redundant storage (GZRS) is available for standard file shares under 5 TB and we are actively working on geo-redundant storage for standard file shares of up to 100 TiB," the announcement indicated.
About the Author
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.