Configure Azure Files and File Sync

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

7 hours 46 minutes
Video Transcription
Hello and welcome back to Siberia's Microsoft Azure administrator. Easy 103 Course, I'm Will Carlson. And this is Episode 20 configuration files and file sink.
In today's episode, we're going to do just that. We're gonna configure an azure file share.
We're gonna talk about how you map that file share to a local client, end point and we're also gonna step through and discuss configuring azure file sink
to get started. We're gonna jump right back here into Portal, and we're gonna go to our storage account that we created in a previous episode.
We're gonna click on into that storage account, and we're gonna scroll down here into files
very similar to our blob storage. There's not a whole lot going on here, but I can create a file share here.
All I have to do is name that final share.
You can put a quota here as well, and that's a great testable differentiator between file shares and blob storage. Blob storage does not have an equivalent function, So if the test asks you or mentions that quota would be required, the answer is going to be a file share.
We're gonna go ahead and create that file share,
and that's really all there is to it. We've created a file share here in Azure.
Another differentiator between file shares and blob storage is that follows. Shares are conducted over the S and B protocol or with port 445 Now, if you're testing this in your home environment, you may run into the fact that your I s P likely blocks outbound 445
And that's gonna be for security reasons, functionally here in Azure. You won't likely run into that issue because you'll have a VP and set up between your on prim site and the azure environment as well.
We will talk about setting a BP ends with azure in the networking sections coming up.
Now that we have this file share up, let's go ahead and click on the file share itself
and you can see that this window looks very similar to the blob storage window as well. With snapshots in here, we can edit the quota after we've deployed the azure file share, which is great. You can grow. This is you need thio.
We can add directories and we can even upload files right from here
very similar again, too.
Blob storage.
I'm gonna go ahead and upload a file here real quickly
and let's go ahead and upload this C I s controls work. She
go ahead and click, upload.
And there I've uploaded files to the azure file share. Now, clearly, you're not gonna be interfacing with the azure file shares be a portal most of the time, and your end users most definitely will not. So how do you get connected to the file share from your in pointing device
again, Relatively straightforward. We're gonna click here on Connect and Portal is gonna show us a few different ways for a few different operating systems as to how we connect to an azure file share.
One interesting thing here that I want to point out about the Power Shell Command to map this drive is that the first thing that it does is test net connection. And that's just to make sure that you can actually connect to the azure foul share before it attempts to create the drive letter on your windows end point.
And in order to do this, all you have to do is copy and paste this into a power shell command window, and that's gonna map that drive for you on your end point device.
The same thing can be said for linen or Mac OS as well. You just copy and paste the commands into a command line window, and that's gonna create that drive for you.
You'll also notice here that because of the way we set up the storage account that we are required to communicate with this file share via a secure method. In this case, that means you have to use S and B 3.0 in order to support encryption.
And as your file share usage really can be just that simple.
I want to go on now, though, and talk about azure file sink because just about every production workload has some file storage of one kind or another. And if you can move that over into Azur and still interface with that storage in exactly the same way that you always have, that's really pretty powerful.
So with the previous example that we gave you, would is the administrator need to go in and map a new drive for the end user, and they would need to know to use that new drive. But
as your offers an even more simple way for the end user to interact with file storage. And that's via as your file stink. So we're gonna go up here to create a new resource and search for azure file sink. There it is.
We're gonna go ahead and click on that and create an azure file sink service.
As with many of the things that we've done here and azure, we have to select a subscription and a resource group.
And then we also need to pick a name for the service.
I'm gonna leave that here and let's actually make this central us.
We don't need to see tags, and we're gonna review and create and then create that balancing service.
Now that that housing service has been created, we're gonna go ahead and click, go to resource,
and that puts us down into the final sink.
Now, the first thing we need to do in this file sink service is create a sink group.
We're gonna go ahead and name this file. Same group.
We're gonna leave this in the free trial subscription, and then we have to select a storage account that we would like to use.
I'm gonna use the only one that we have here.
And then I'm gonna go ahead and click on the file share that I would like to use as well.
We're gonna create that final sinks in group
and let that deploy
setting up that sink group has actually deployed the cloud end point. So the azure side of this communication So what we have to do now is deploy the on premise side of the equation and that's gonna be done by clicking here on registered servers.
Clearly, we have no registered servers here because we haven't installed the azure file sing agent on any of those machines.
I'm gonna go ahead and copy and paste this address,
and I'm gonna move it on over into my virtual machine that's running here in Azure as well.
Now, the first thing you'll likely have to do we get on to your server machine is to go to local server
and disabled the I E enhanced security configuration.
You only have to do this for administrators and you can turn it back on when you're done.
The alternative and maybe more. Best practice way to do this in production would be to download the file sink agent to a separate machine and then use internal file shares after you've made sure the file is safe to move it over to the server. But for the sake of brevity here, we're gonna go ahead and do it this way.
We're gonna open up Internet Explorer.
We're gonna accept these defaults and then pay StarLink here, an Internet explorer.
Go ahead and hide this message, and then you can see right here. It brings me into the address. I'll sing agent download, download that
and select the appropriate one. Here. We're on Server 2016
and hit next.
Now that the M s I has downloaded, I'm gonna go ahead and view the downloads and I'm gonna run that installer.
We're gonna click next to the first dialogue here.
We're gonna accept the terms except the default installation selections.
No custom proxy in this environment.
We're gonna allow Microsoft update as well.
And then here you can check mark this box to automatically update as there are updates to the azure file sink agent and choose whether or not you want to send telemetry information to Microsoft
and I'm gonna hit Install.
Now that that install has completed, I'm gonna go ahead and select finish here. And that should conclude our installation here on the server device.
Now that the insulation is done, we're gonna be prompted by the configuration steps for the azure file sink on the server. Gonna select. Okay. Here.
And you can see that we're missing some required components here for the azure files. Think to run. And what we're missing is the ese power show modules. So we're gonna walk through installing that real quickly.
We're gonna click here. We're gonna open up our shell. Be sure to run this in the 64 bit version and run it as an administrator.
And they were gonna paste this code here. Installed dash module, dash name, ese Nash. Allow clubber, and that's gonna install the ese module here in the server.
We'll say that we need to do some updates here to power shell. We're gonna accept the default is yes.
We're also warned that the current depository isn't one that's already installed, but we're going to say yes to go ahead with that installation as well.
Now that those power show modules are installed. I'm gonna close power shell, and I'm gonna retry this configuration. Step
here in this screen, You most likely won't need to change anything. Nor options here. For that is your environment, our public cloud, our government cloud. And unless you are a government user, you'll have no use for Government Cloud. I'm gonna go ahead and sign in.
That's gonna problem me to sign in with my azure credentials here.
Other all signed into Azure. I'm gonna select the subscription that I'd like to use. I'm gonna stick with my free trial subscription
That's gonna populate my resource group. We're gonna go ahead and select the IITTIE resource group
and they were gonna select our storage sink service. And now we're going to register this server to the storage sink service.
We completed the file sink registration of the server. I can go ahead and select. Okay. Here. And then we're gonna go back to portal.
We're gonna refresh this page
and you can see the server that we just completed. The registration on is here in azure portal as well.
Now we have one more step to get the file sink service all set up and running. We're gonna go back to overview
and we're gonna click on our final sink.
Now we're going to add the server end point into the equation. We created the Cloud End point when we launched the Fall Sing service. We registered the server and now we can deploy the server in point.
This list here shows all of the registered servers Minister like that. And now we get to inter and a path on the server. If you do this wrong, it simply will not work. You will get errors. I'm gonna select the C drive, which is the data disk that I have joined to this particular server.
And then we're gonna look here, a cloud tearing you can enable cloud tearing. And other than just backing up or storing your files onto the azure fella, share is well, cloud tearing will help you offload some of the storage requirements in your on premise environment.
And what this does is that cloud hearing allows the Azure Files Inc service to store the data that you've access recently on your local machines and to store the rest of the data in the azure foul share of service as well
And now I'm gonna go ahead and click, create.
Now that we have everything set up and because we have a really small amount of files to be sync between azure storage and our server, we're going to go ahead and go back to the server and see if the file that we uploaded here in Azure is already there.
We're gonna click here.
We're gonna be looking for the Z drive or the file share here on this machine.
We're gonna click that and we can see that the file that we uploaded in Azure has already sink back to the server using Azure Files, Inc.
So in today's episode, we walk through how you can host s and the file shares you in Azure using azure files. We talked about the differences between blobs and files, and the primary ones are going to be that azure files support quotas, and they're accessible using SMB.
The last thing we covered was the install of the azure file sink solution to synchronize your files both between your on prime servers and azure. And we talked briefly about cloud tearing
and how you can use that to offload some of the storage needs of your on prim servers
coming up. Next, we're gonna spend an episode talking about some ways that you can secure your storage accounts so you don't end up being the subject of the next storage account. Reach. Thanks for joining me today, and I'm looking forward to the security episode coming up next.
Up Next
AZ-103 Microsoft Azure Administrator

This is a training course for the Microsoft Azure AZ-103 Certification. The Microsoft Azure Administrator training course teaches students to perform tasks like managing Azure subscriptions and resources, implementing and managing storage, deploying and managing virtual machines (VM) and networks, and managing identities!

Instructed By