You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/storage/files/files-managed-identities.md
+22-5Lines changed: 22 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: This article explains how you can authenticate managed identities t
4
4
author: khdownie
5
5
ms.service: azure-file-storage
6
6
ms.topic: how-to
7
-
ms.date: 12/10/2025
7
+
ms.date: 02/17/2026
8
8
ms.author: kendownie
9
9
ms.custom:
10
10
- devx-track-azurepowershell
@@ -53,7 +53,24 @@ This article assumes that you have an Azure subscription with permissions to cre
53
53
54
54
In addition, the clients that need to authenticate using a managed identity shouldn't be joined to any domain.
55
55
56
-
### Prepare your PowerShell environment
56
+
## Configure the managed identity access property on your storage account
57
+
58
+
In order to authenticate a managed identity, you must enable a property called **SMBOAuth** on the storage account that contains the Azure file share you want to access. We recommend creating a new storage account for this purpose. You can use an existing storage account only if it doesn't have any other identity source configured.
59
+
60
+
You can enable the **SMBOAuth** property on your storage account by using either the Azure portal or PowerShell. Select the appropriate tab for instructions.
61
+
62
+
### [Portal](#tab/windows)
63
+
64
+
Portal instructions here
65
+
66
+
67
+
Next, create an SMB file share on the storage account.
68
+
69
+
70
+
71
+
### [PowerShell](#tab/linux)
72
+
73
+
To enable the **SMBOAuth** property on your storage account using PowerShell, first you must prepare your PowerShell environment.
57
74
58
75
Open PowerShell as administrator and run the following command to set the PowerShell execution policy:
59
76
@@ -92,9 +109,7 @@ You can also select your subscription by specifying your subscription name:
92
109
Set-AzContext -Subscription "<subscription-name>"
93
110
```
94
111
95
-
## Configure the managed identity access property on your storage account
96
-
97
-
In order to authenticate a managed identity, you must enable a property called **SMBOAuth** on the storage account that contains the Azure file share you want to access. We recommend creating a new storage account for this purpose. You can use an existing storage account only if it doesn't have any other identity source configured.
112
+
## Create the storage account
98
113
99
114
To create a new storage account with **SMBOAuth** enabled, run the following PowerShell command as administrator. Replace `<resource-group>`, `<storage-account-name>`, and `<region>` with your values. You can specify a different SKU if needed.
You should now have a storage account and file share ready for SMB OAuth authentication. Verify in the Azure portal that your storage account and file share were created.
125
140
141
+
---
142
+
126
143
## Configure managed identity
127
144
128
145
You can use managed identities with Windows or Linux. Select the appropriate tab and follow the instructions for your operating system.
0 commit comments