Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure Files and Azure File Sync are updated regularly to offer new features and enhancements. This article provides detailed information about what's new in Azure Files and Azure File Sync.
What's new in 2025
2025 quarter 2 (April, May, June)
Metadata caching for SSD SMB file shares is now generally available
Metadata caching is an enhancement for SMB Azure SSD file shares aimed to reduce metadata latency, increase available IOPS, and boost network throughput. Learn more.
2025 quarter 1 (January, February, March)
Azure File Sync support for system-assigned managed identities is now generally available
Azure File Sync support for managed identities is now generally available, enabling customers to be secure by default. Using managed identities eliminates the need for shared keys (storage account key, SAS keys) to authenticate to Azure Files by utilizing a system-assigned managed identity provided by Microsoft Entra ID. Learn more.
Azure Files vaulted backup is now generally available
Azure Backup now supports vaulted backup of HDD file shares to protect against ransomware and data loss. You can define backup schedules and retention settings to store data in the Backup vault for up to 10 years. Vaulted backups provide an offsite copy of your data. In case of data loss on the source account, you can restore it to an alternate account. You can manage vaulted backups at scale via Azure Business Continuity Center and monitor them using Azure Backup's alerting and reporting features.
We recommend switching from snapshot backups to vaulted backups for comprehensive protection against data loss.
For more information, see About Azure Files backup.
REST API support for NFS Azure file shares is now in public preview
Data plane REST API access to NFS Azure file shares will enable further development of multiple value-added services for NFS shares, such as AzCopy and Azure Backup. This enhancement also allows third-party ISV partners to implement efficient migration, backup, and disaster recovery scenarios. Additionally, the REST API support includes OAuth, providing end-to-end security and enabling access without storage account keys.
Support for customer initiated LRS-ZRS redundancy conversion for SSD file shares
Azure Files now supports customer initiated LRS to ZRS (and vice versa) redundancy conversions for SSD file shares. NFS file shares supported if using private endpoints. You can easily manage the migration of your storage accounts through the Azure Portal, PowerShell, or CLI. To learn more, see Azure Files data redundancy.
What's new in 2024
2024 quarter 4 (October, November, December)
Azure File Sync support for system-assigned managed identities is now in public preview
Managed Identities eliminates the need for shared keys (storage account key, SAS keys) to authenticate to Azure Files by utilizing a system-assigned managed identity provided by Microsoft Entra ID.
When managed identities are configured for an Azure File Sync deployment, system-assigned managed identities are used for the following scenarios:
- Storage Sync Service authentication to Azure file share
- Registered server authentication to Azure file share
- Registered server authentication to Storage Sync Service
Public preview is available in all Azure Public and Gov regions supported by Azure File Sync. There's no additional cost to configure Azure File Sync to use managed identities. To learn more, see How to use managed identities with Azure File Sync (preview).
Azure File Sync v19 release
The Azure File Sync v19 release improves performance, security, and adds support for Windows Server 2025:
- Faster server provisioning and improved disaster recovery for Azure File Sync server endpoints
- Sync performance improvements
- Preview: Managed Identities support for Azure File Sync service and servers
- Azure File Sync agent support for Windows Server 2025
To learn more, see the Azure File Sync release notes.
Provisioned v2 for HDD file shares
The provisioned v2 model for Azure Files HDD (standard) pairs predictability of total cost of ownership with flexibility, allowing you to create a file share that meets your exact storage and performance requirements. Provisioned v2 shares enable independent provisioning of storage, IOPS, and throughput. In addition to predictable pricing and flexible provisioning, provisioned v2 also enables increased scale and performance, up to 256 TiB, 50,000 IOPS, and 5 GiB/sec of throughput; and per share monitoring.
To learn more, see understanding the provisioned v2 model.
2024 quarter 3 (July, August, September)
Soft delete for NFS Azure file shares is generally available
Soft delete protects your Azure file shares from accidental deletion. The feature has been available for SMB Azure file shares for some time, and is now generally available for NFS Azure file shares. For more information, read the blog post.
2024 quarter 2 (April, May, June)
Azure Files vaulted backup is now in public preview
Azure Backup now enables you to perform a vaulted backup of Azure Files to protect data from ransomware attacks or source data loss due to a malicious actor or rogue admin. You can define the schedule and retention of backups by using a backup policy. Azure Backup creates and manages the recovery points as per the schedule and retention defined in the backup policy.
2024 quarter 1 (January, February, March)
Generally available: Azure Files large file share support for Geo and GeoZone redundancy
HDD file shares that are Geo (GRS) or GeoZone (GZRS) redundant can now scale up to 100 TiB capacity with significantly improved IOPS and throughput limits. For more information, see Geo and GeoZone redundancy.
Metadata caching for SSD SMB file shares is in public preview
Metadata caching is an enhancement for SMB Azure SSD file shares aimed to reduce metadata latency, increase available IOPS, and boost network throughput. Learn more.
Snapshot support for NFS file shares is generally available
Customers using NFS file shares can now take point-in-time snapshots of file shares. This enables users to roll back their entire filesystem to a previous point in time, or restore specific files that were accidentally deleted or corrupted. Customers using this feature can perform share-level snapshot management operations via the Azure portal, REST API, Azure PowerShell, and Azure CLI. This feature is now available in all Azure public cloud regions. Learn more.
Sync upload performance improvements for Azure File Sync
Sync upload performance has improved, and performance numbers will be posted when they are available. This improvement will mainly benefit file share migrations (initial upload) and high churn events on the server in which a large number of files need to be uploaded.
Expanded character support for Azure File Sync
Azure File Sync now supports an expanded list of characters. This expansion allows users to create and sync SMB file shares with file and directory names on par with NTFS file system, for valid Unicode characters. For more information on unsupported characters, refer to the documentation here.
New cloud tiering low disk space mode metric for Azure File Sync
You can now configure an alert to let you know if a server is in low disk space mode. To learn more, see Monitor Azure File Sync.
What's new in 2023
2023 quarter 4 (October, November, December)
Azure Files now supports all valid Unicode characters
Expanded character support will allow users to create SMB file shares with file and directory names on par with the NTFS file system for all valid Unicode characters. It also enables tools like AzCopy and Storage Mover to migrate all the files into Azure Files using the REST protocol. Expanded character support is now available in all Azure regions. For more information, read the announcement.
2023 quarter 3 (July, August, September)
Azure Active Directory support for Azure Files REST API with OAuth authentication is generally available
This feature enables share-level read and write access to SMB Azure file shares for users, groups, and managed identities when accessing file share data through the REST API. Cloud native and modern applications that use REST APIs can utilize identity-based authentication and authorization to access file shares. For more information, read the blog post.
2023 quarter 2 (April, May, June)
Azure Files scalability improvement for Azure Virtual Desktop and other workloads that open root directory handles is generally available
Azure Files has increased the root directory handle limit per share from 2,000 to 10,000 for Azure file shares. This improvement benefits applications that keep an open handle on the root directory. For example, Azure Virtual Desktop with FSLogix profile containers now supports 10,000 active users per share (5x improvement).
Note: The number of active users supported per share is dependent on the applications that are accessing the share. If your applications are not opening a handle on the root directory, Azure Files can support more than 10,000 active users per share.
The root directory handle limit has been increased in all regions and applies to all existing and new file shares. For more information about Azure Files scale targets, see: Azure Files scalability and performance targets.
Preview: Azure Files large file share support for Geo and GeoZone redundancy
Azure Files geo-redundancy for large file shares preview significantly improves capacity and performance for HDD file shares when using geo-redundant storage (GRS) and geo-zone redundant storage (GZRS) options. The preview is only available for HDD file shares. For more information, see Geo and GeoZone redundancy.
New SLA of 99.99% uptime for SSD file shares
Azure Files now offers a 99.99% SLA per file share for all SSD file shares, regardless of protocol (SMB or NFS) or redundancy type. This means that you can benefit from this SLA immediately, without any configuration changes or extra costs. If the availability drops below the guaranteed 99.99% uptime, you're eligible for service credits.
Support for Azure Files REST API with OAuth authentication is in public preview
This preview enables share-level read and write access to SMB file shares for users, groups, and managed identities when accessing file share data through the REST API. Cloud native and modern applications that use REST APIs can utilize identity-based authentication and authorization to access file shares. For more information, read the blog post.
AD Kerberos authentication for Linux clients (SMB) is generally available
Azure Files customers can now use identity-based Kerberos authentication for Linux clients over SMB using either on-premises Active Directory Domain Services (AD DS) or Azure Active Directory Domain Services (Azure AD DS). For more information, see Enable Active Directory authentication over SMB for Linux clients accessing Azure Files.
2023 quarter 1 (January, February, March)
NFS nconnect for Azure file shares is generally available
NFS nconnect is a client-side Linux mount option that increases performance at scale by allowing you to use more TCP connections between the Linux client and NFS file shares. With nconnect, you can increase performance at scale using fewer client machines to reduce total cost of ownership. For more information, see Improve NFS Azure file share performance.
Improved Azure File Sync service availability
Azure File Sync is now a zone-redundant service, which means an outage in a zone has limited impact while improving the service resiliency to minimize customer impact. To fully leverage this improvement, configure your storage accounts to use zone-redundant storage (ZRS) or geo-zone redundant storage (GZRS) replication. To learn more about different redundancy options for your storage accounts, see Azure Files redundancy.
Note
Azure File Sync is zone-redundant in all regions that support availability zones except US Gov Virginia.
What's new in 2022
2022 quarter 4 (October, November, December)
Azure Active Directory (Azure AD) Kerberos authentication for hybrid identities on Azure Files is generally available
This feature builds on top of FSLogix profile container support released in December 2022 and expands it to support more use cases (SMB only). Hybrid identities, which are user identities created in Active Directory Domain Services (AD DS) and synced to Azure AD, can mount and access Azure file shares without the need for network connectivity to an Active Directory domain controller. While the initial support is limited to hybrid identities, it's a significant milestone as we simplify identity-based authentication for Azure Files customers. Read the blog post.
2022 quarter 2 (April, May, June)
SUSE Linux support for SAP HANA System Replication (HSR) and Pacemaker
Azure customers can now deploy a highly available SAP HANA system in a scale-out configuration with HSR and Pacemaker on Azure SUSE Linux Enterprise Server virtual machines (VMs), using NFS Azure file shares for a shared file system.
2022 quarter 1 (January, February, March)
Azure File Sync TCO improvements
To offer sync and tiering, Azure File Sync performs two types of transactions on behalf of the customer:
- Transactions from churn, including changed files (sync) and recalled files (tiering).
- Transactions from cloud change enumeration, done to discover changes made directly on the Azure file share. Historically, this was a major component of an Azure File Sync customer's Azure Files bill.
To improve TCO, we markedly decreased the number of transactions needed to fully scan an Azure file share. Prior to this change, most customers were best off in the hot tier. Now most customers are best off in the cool tier.
What's new in 2021
2021 quarter 4 (October, November, December)
Increased IOPS for SSD file shares
SSD file shares now have additional included baseline IOPS and a higher minimum burst IOPS. The baseline IOPS included with a provisioned share was increased from 400 to 3,000, meaning that a 100 GiB share (the minimum share size) is guaranteed 3,100 baseline IOPS. Additionally, the floor for burst IOPS was increased from 4,000 to 10,000, meaning that every SSD file share will be able to burst up to at least 10,000 IOPS.
Formula changes:
| Item | Old value | New value |
|---|---|---|
| Baseline IOPS formula | MIN(400 + 1 * ProvisionedGiB, 100000) |
MIN(3000 + 1 * ProvisionedGiB, 100000) |
| Burst limit | MIN(MAX(4000, 3 * ProvisionedGiB), 100000) |
MIN(MAX(10000, 3 * ProvisionedGiB), 100000) |
For more information, see:
NFSv4.1 protocol support is generally available
SSD file shares now support either the SMB or the NFSv4.1 protocols. NFSv4.1 is available in all regions where Azure Files supports the SSD media tier, for both locally redundant storage and zone-redundant storage. Azure file shares created with the NFSv4.1 protocol enabled are fully POSIX-compliant, distributed file shares that support a wide variety of Linux and container-based workloads. Some example workloads include: highly available SAP application layer, enterprise messaging, user home directories, custom line-of-business applications, database backups, database replication, and Azure Pipelines.
For more information, see:
- NFS file shares in Azure Files
- High availability for SAP NetWeaver on Azure VMs with NFS on Azure Files
- Azure Files pricing
Symmetric throughput for SSD file shares
SSD file shares now support symmetric throughput provisioning, which enables the provisioned throughput for an Azure file share to be used for 100% ingress, 100% egress, or some mixture of ingress and egress. Symmetric throughput provides the flexibility to make full utilization of available throughput.
Formula changes:
| Item | Old value | New value |
|---|---|---|
| Throughput (MiB/sec) |
|
100 + CEILING(0.04 * ProvisionedGiB) + CEILING(0.06 * ProvisionedGiB) |
For more information, see:
2021 quarter 3 (July, August, September)
SMB Multichannel is generally available
SMB Multichannel enables SMB clients to establish multiple parallel connections to an Azure file share. This allows SMB clients to take full advantage of all available network bandwidth and makes them resilient to network failures, reducing total cost of ownership and enabling 2-3x for reads and 3-4x for writes through a single client. SMB Multichannel is available for SSD file shares and is disabled by default.
For more information, see:
- SMB Multichannel performance in Azure Files
- Enable SMB Multichannel
- Overview on SMB Multichannel in the Windows Server documentation
SMB 3.1.1 and SMB security settings
SMB 3.1.1 is the most recent version of the SMB protocol, released with Windows 10, containing important security and performance updates. Azure Files SMB 3.1.1 ships with two additional encryption modes, AES-128-GCM and AES-256-GCM, in addition to AES-128-CCM which was already supported. To maximize performance, AES-128-GCM is negotiated as the default SMB channel encryption option; AES-128-CCM will only be negotiated on older clients that don't support AES-128-GCM.
Depending on your organization's regulatory and compliance requirements, AES-256-GCM can be negotiated instead of AES-128-GCM by either restricting allowed SMB channel encryption options on the SMB clients, in Azure Files, or both. Support for AES-256-GCM was added in Windows Server 2022 and Windows 10, version 21H1.
In addition to SMB 3.1.1, Azure Files exposes security settings that change the behavior of the SMB protocol. With this release, you may configure allowed SMB protocol versions, SMB channel encryption options, authentication methods, and Kerberos ticket encryption options. By default, Azure Files enables the most compatible options, however these options may be toggled at any time.
For more information, see:
- SMB security settings
- Windows and Linux SMB version information
- Overview of SMB features in the Windows Server documentation
2021 quarter 2 (April, May, June)
Azure Files reservations for provisioned v1 and pay-as-you-go file shares
Azure Files supports reservations (also referred to as reserved instances). Azure Files reservations allow you to achieve a discount on storage by pre-committing to storage utilization. Azure Files supports reservations on file shares using the provisioned v1 or pay-as-you-go billing models. Reservations are sold in units of 10 TiB or 100 TiB, for terms of either one year or three years.
For more information, see:
- Understanding Azure Files billing
- Optimized costs for Azure Files with reservations
- Azure Files pricing
Improved portal experience for domain joining to Active Directory
The experience for domain joining an Azure storage account has been improved to help guide first-time Azure file share admins through the process. When you select Active Directory under File share settings in the File shares section of the Azure portal, you will be guided through the steps required to domain join.
For more information, see:
- Overview of Azure Files identity-based authentication options for SMB access
- Overview - on-premises Active Directory Domain Services authentication over SMB for Azure file shares
2021 quarter 1 (January, February, March)
Azure Files management now available through the control plane
Management APIs for Azure Files resources, the file service and file shares, are now available through control plane (Microsoft.Storage resource provider). This enables Azure file shares to be created with an Azure Resource Manager or Bicep template, to be fully manageable when the data plane (i.e. the FileREST API) is inaccessible (like when the storage account's public endpoint is disabled), and to support full role-based access control (RBAC) semantics.
We recommend you manage Azure Files through the control plane in most cases. To support management of the file service and file shares through the control plane, the Azure portal, Azure storage PowerShell module, and Azure CLI have been updated to support most management actions through the control plane.
To preserve existing script behavior, the Azure storage PowerShell module and the Azure CLI maintain the existing commands that use the data plane to manage the file service and file shares, as well as adding new commands to use the control plane. Portal requests only go through the control plane resource provider. PowerShell and CLI commands are named as follows:
- Az.Storage PowerShell:
- Control plane file share cmdlets are prefixed with
Rm, for example:New-AzRmStorageShare,Get-AzRmStorageShare,Update-AzRmStorageShare, andRemove-AzRmStorageShare. - Traditional data plane file share cmdlets don't have a prefix, for example
New-AzStorageShare,Get-AzStorageShare,Set-AzStorageShareQuota, andRemove-AzStorageShare. - Cmdlets to manage the file service are only available through the control plane and don't have any special prefix, for example
Get-AzStorageFileServicePropertyandUpdate-AzStorageFileServiceProperty.
- Control plane file share cmdlets are prefixed with
- Azure storage CLI:
- Control plane file share commands are available under the
az storage share-rmcommand group, for example:az storage share-rm create,az storage share-rm update, etc. - Traditional file share commands are available under the
az storage sharecommand group, for example:az storage share create,az storage share update, etc. - Commands to manage the file service are only available through the control plane, and are available through the
az storage account file-service-propertiescommand group, for example:az storage account file-service-properties showandaz storage account file-service-properties update.
- Control plane file share commands are available under the
To learn more about the Azure Files management API, see:
- Azure Files REST API overview
- Control plane (
Microsoft.Storageresource provider) API for Azure Files resources: - Azure PowerShell and Azure CLI