Share via

Need help in understanding the issue with the storage Blob

Avinash Dhanukonda 25 Reputation points
2025-11-19T05:19:33.05+00:00

Hello All,

We have a storage account and blob with several blob containers. This storage account is linked to the virtual machine we are using for the domain controller DC machine in our tenant.

When we grant permission to the drive in the VM, some users inside the DC machine are able to access the drive from the AVD, while others are not, despite all permissions being set correctly.

Could you please help us understand where this issue might be coming from? Thank you!

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
Answer accepted by question author
  1. Praveen Bandaru 9,170 Reputation points Microsoft External Staff Moderator
    2025-11-19T07:53:40.57+00:00

    Hello Avinash Dhanukonda

    It appears that some users are unable to access a blob container in your Azure storage account, even though others can and the permissions seem to be set correctly.

    Make sure the permissions are properly configured, as they may be set at different scopes such as the blob or container level. Confirm that all users have access at the necessary level. Need specific roles like Storage Blob Data Reader or Contributor on the storage account or container. If roles are missing or assigned at the wrong level, access will fail.

    • If Azure Active Directory is being used for authentication, check that the affected users have the appropriate roles assigned, such as "Storage Blob Data Reader" or "Storage Blob Data Contributor."
    • Even if the Azure permissions are set up correctly, the mounted drive within the VM relies on NTFS permissions. Without NTFS access granted to the user or group, they will not be able to access the drive.
    • If your storage account is connected to a VM and may be behind a network setup like a private endpoint, make sure users within the virtual network have access to the storage account. Review the firewall settings to confirm that the users' IP addresses are whitelisted.
    • For access via Azure Virtual Desktop, verify that AVD instances can reach the storage account. Check that the AVD is on the correct virtual network and that no network security groups or Azure policies are restricting access.
    • Also, if you use SAS tokens, check that they are valid and correctly configured.

    Check the below documents for more understanding:
    Authorize access to data in Azure Storage
    Azure Storage network security

    I hope the above answer is helpful to you!

    Please let us know if you have any further questions. Don't forget to "up-vote" wherever the information provided is useful to you, this can be useful to other members of the community.

    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.