Share via

Azure Files + Azure File Sync without domain (Cloud-only)

EPNAdam 115 Reputation points
2025-05-08T06:54:01.5833333+00:00

Hi,

Background

We have an environment with Intune managed Windows 11 clients enrolled via Autopilot. All our accounts are cloud-only (Entra ID) and we do not have any domain controllers. We are more or less fully cloud.

We are looking into Azure Files with Azure File Sync to enable file server capabilities (mapped file share) across a couple sites of ours. Based on the Azure Files documentation you must have some kind of directory service (AD DS, Entra Domain Services etc.) for SMB with permissions. There is no simple way of just having Entra ID accounts for authentication and permission control without any directory service for non-domain joined clients.

Question

In our case introducing this would increase complexity and we would like to keep our non-domain and cloud native environment. This comes down to the questions:

  1. To contradict my background statement and understanding of Azure Files, is it possible to have Azure Files and Azure File Sync with SMB and granular access permissions without domain-joined clients and no domain services?
  2. Have been looking at 3rd party alternatives such as Triofox, any experience in it or otehr alternatives?
  3. Other options in the Microsoft sphere that could allow file share capabilities?
  4. Will Azure Files support cloud-native environments without all the domain services hassle?
Azure Files
Azure Files
An Azure service that offers file shares in the cloud.
0 comments
Answer accepted by question author
  1. Vinod Kumar Reddy Chilupuri 4,190 Reputation points Microsoft External Staff Moderator
    2025-05-08T10:18:07.7166667+00:00

    Hi EPNAdam,

    You are trying to navigate the complexities of using Azure Files and Azure File Sync without a domain or directory services.

    1. Azure Files and Azure File Sync without Domain Services: For Azure Files, it typically requires a directory service (like Active Directory or Entra Domain Services) to manage SMB access permissions. While you can access Azure Files without a domain, you won't be able to enforce granular ACLs directly through Entra ID without some form of directory service or Azure AD integration. So, for your setup, you would face limitations regarding granular permissions management.
    2. Third-Party Alternatives: Triofox is a popular choice for secure file sharing. I cannot provide specific experiences or recommendations regarding those options. However, you might want to consider alternatives like Nextcloud or ownCloud, which could also suit your needs for cloud file sharing without domain dependencies.
    3. Other Options: If you're looking for file-sharing capabilities in a cloud-native environment, consider using SharePoint Online. It allows for file storage and sharing without needing a domain and integrates smoothly with Intune-managed devices.
    4. Support for Cloud-Native Environments: Currently, Azure Files doesn't fully support cloud-native environments without domain services if you require SMB and granular access permissions. As of now, it is optimized for environments with either on-premises or Azure AD-connected domains.

    Frequently asked questions (FAQ) about Azure Files and Azure File Sync
    SharePoint Online for File Collaboration

    Hope the above suggestion helps! Please let us know do you have any further queries.

    Please do consider to “Accept the answer” wherever the information provided helps you, this can be beneficial to other community members. 

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.