You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
> This command returns the current IP address of the storage account. This IP address is not guaranteed to remain the same, and may change at any time. Don't hardcode this IP address into any scripts, or into a firewall configuration.
111
111
112
112
#### Solutions for cause 1
@@ -231,6 +231,8 @@ Make sure port 445 is open and [check DNS resolution and connectivity to your fi
231
231
232
232
### [Linux](#tab/linux)
233
233
234
+
Linux clients can use [AzFileDiagnostics](https://github.com/Azure-Samples/azure-files-samples/tree/master/AzFileDiagnostics/Linux) to automate symptom detection and ensure that they have the correct prerequisites.
235
+
234
236
Common causes for this problem are:
235
237
236
238
- You're using a Linux distribution with an outdated SMB client. See [Use Azure Files with Linux](/azure/storage/files/storage-how-to-use-files-linux) for more information on common Linux distributions available in Azure that have compatible clients.
@@ -262,17 +264,17 @@ To learn more, see [Prerequisites for mounting an Azure file share with Linux an
262
264
1. Connect from a client that supports SMB encryption or connect from a virtual machine in the same datacenter as the Azure storage account that's used for the Azure file share.
263
265
2. Verify the [Secure transfer required](/azure/storage/common/storage-require-secure-transfer) setting is disabled on the storage account if the client doesn't support SMB encryption.
264
266
265
-
##### Cause 2: Virtual network or firewall rules are enabled on the storage account
267
+
##### Cause 2: Virtual network or firewall rules are enabled on the storage account, or port 445 is blocked
266
268
267
-
If virtual network (VNET) and firewall rules are configured on the storage account, network traffic will be denied access unless the client IP address or virtual network is allowed access.
269
+
If virtual network (VNET) and firewall rules are configured on the storage account, network traffic will be denied access unless the client IP address or virtual network is allowed access. In addition, if your company or ISP is blocking port 445 outbound, you won't be able to mount the share.
268
270
269
271
##### Solution for cause 2
270
272
271
-
Verify that the VNET and firewall rules are configured properly on the storage account and the port 445 is allowlisted. To test if virtual networks or firewall rules cause the issue, you can temporarily change the setting on the storage account to **Allow access from all networks**. To learn more, see [Configure Azure Storage firewalls and virtual networks](/azure/storage/common/storage-network-security).
273
+
Verify that the VNET and firewall rules are configured properly on the storage account, and that port 445 is allowlisted. To test if virtual networks or firewall rules cause the issue, you can temporarily change the setting on the storage account to **Allow access from all networks**. To learn more, see [Configure Azure Storage firewalls and virtual networks](/azure/storage/common/storage-network-security).
272
274
273
275
##### Cause 3: SMB client is configured to use NTLMv1
274
276
275
-
Azure Files only supports NTLMv2 and Kerberos for SMB file shares. Kernel 4.4 and later versions enable NTLMv2 by default and disable LANMAN. Under default configurations, NTLMv1 is kept as a negotiation only option. For more information, see your OS documentation.
277
+
Azure Files only supports NTLMv2 (storage account key only) and Kerberos authentication for SMB file shares. NTLMv1 isn't supported. Kernel 3.3 and later versions default to NTLMv2 unless overridden with the `sec` mount option. Kernel 4.4 and later versions enable NTLMv2 by default and disable LANMAN. Under default configurations, NTLMv1 is kept as a negotiation only option. For more information, see your OS documentation.
276
278
277
279
##### Solution for cause 3
278
280
@@ -284,7 +286,7 @@ When storage account key access is disabled or disallowed for a storage account,
284
286
285
287
##### Solution for cause 4
286
288
287
-
Use identity-based authentication. The file share must be joined to an on-premises Active Directory Domain Servies (AD DS) or Microsoft Entra Domain Services domain, and the Linux client must be [configured to use Kerberos authentication](/azure/storage/files/storage-files-identity-auth-linux-kerberos-enable).
289
+
Use identity-based authentication instead. See [Enable Active Directory authentication over SMB for Linux clients accessing Azure Files](/azure/storage/files/storage-files-identity-auth-linux-kerberos-enable) for prerequisites and instructions.
288
290
289
291
#### <a id="error115"></a>"Mount error(115): Operation now in progress" when you mount Azure Files by using SMB 3.x
Linux clients can use [AzFileDiagnostics](https://github.com/Azure-Samples/azure-files-samples/tree/master/AzFileDiagnostics/Linux) to automate symptom detection and ensure that they have the correct prerequisites.
498
+
495
499
In Linux, you might see the following issues.
496
500
497
501
### Open handles on files or directories
@@ -589,6 +593,8 @@ If you're using Azure file shares to store profile containers or disk images for
589
593
590
594
## [Linux](#tab/linux)
591
595
596
+
Linux clients can use [AzFileDiagnostics](https://github.com/Azure-Samples/azure-files-samples/tree/master/AzFileDiagnostics/Linux) to automate symptom detection and ensure that they have the correct prerequisites.
597
+
592
598
### <aid="permissiondenied"></a>"[permission denied] Disk quota exceeded" when you try to open a file
593
599
594
600
In Linux, you might receive an error message that resembles the following:
0 commit comments