You’ve migrated your user data to SharePoint and OneDrive but you’re still left with file servers and file data on-premises. With the announcement of Active Directory Authentication for Azure Files, you can now do away with the server entirely and use the cloud to replicate your file servers’ functionality entirely.
We’ve previously talked about migrating files to SharePoint Online and OneDrive for Business. Even if you’ve done this, you will no doubt have a reason for a file server still. If cloud is your goal, why not replace your file server with Azure Files?
You get all the same capabilities as you do with an on-premises file server but the benefits of a Platform-as-a-Service solution that doesn’t require servers.
In our previous post about migrating file servers to SharePoint Online and OneDrive for Business, we primarily focused on user generated content: migrating home drives to OneDrive, migrating folders of team files to SharePoint Online to improve collaboration.
Following the traditional 80/20 rule, this will probably transfer 80% of your file server content to Microsoft 365 but what about the remaining 20%? Do you want to continue to run on-premises servers to provide file services for 20%? Is keeping that remaining 20% highly available and resilient to server failure or data loss going to be too expensive?
What is Azure Files?
Azure Files as a feature has been available in Azure Storage for some time. Using Azure Files, you can present clients with a Server Message Block (SMB) file share that you can use to transfer files in a familiar way to act like a file server with Azure Files, however, Azure Files alone can’t fully replicate the experience.
Using Azure Files natively requires that authentication to the underlying Azure Storage is done using the Access Key on the Storage Account. This may be okay for an application that needs programmatic access to the share, however, for users, it’s a problem.
Sure, as IT you could map the file share for users with the key, however, how do you then know who made changes to audit the use of the file server with Azure Files? How do you control access to ensure that one department has access to sensitive files with others do not?
This is where the announcement of Active Directory authentication to Azure Files comes in.
What is Active Directory Authentication for Azure Files?
Active Directory is the identity and authentication system that you will no doubt be using on-premises today. Today, your users connect to file servers and file shares using their own account and that in turn, grants and denies them access to files and folders they need.
With the announcement of Active Directory Authentication for Azure Files, we can extend this same capability to to provide a file server with Azure Files.
Setting up Azure Files is easy by simply creating a Storage Account and a File Share in the Storage Account. The steps to implement the Active Directory authentication are slightly more involved and require some PowerShell work. It’s all described at https://docs.microsoft.com/en-us/azure/storage/files/storage-files-active-directory-overview.
How do users access the shares?
As IT, we can provision access to the file shares when using the file server with Azure Files exactly as you would an on-premises file server. By simply pointing the users to the UNC path directly or by mapping a Network Folder or Network Drive letter. You can even incorporate Azure Files File Shares into a Distributed File System (DFS) if you are using DFS namespaces to provide a consolidated view of files across the organisation.
Because the access to the file server with Azure Files is based in the cloud, users can access the file shares away from the corporate network allowing users working from home or remotely to continue to be able to access the files out of the office.
What if we aren’t ready to fully migrate our file server with Azure Files?
If you aren’t ready to fully migrate but you want to take advantage of using Azure Files as a means to store file data off-site then you could look at using Azure File Sync. With the Azure File Sync technology, you keep a file server on-premises but you can scale down the size and footprint of the server by moving cold data to Azure Storage and only keeping the hot, frequently accessed data, on-premises.
You can find out more about this at https://docs.microsoft.com/en-us/azure/storage/files/storage-sync-files-planning.
Interested in moving you File Server to the cloud?
If you are interested in moving your file server to the cloud with either Azure Files using Active Directory authentication or you want to keep some files on-premises but downsize, get in touch with us at Arcible and we can help you find the best solution for your file storage needs while leveraging the cloud.