We have a local Windows 2008 R2 file server, part of a Windows domain, with security settings on the shared directories depending on domain security groups. I would like to move the file server function to Azure and get rid of our on-premises server.
I am contemplating a setup whereby I would have a VM with file shares, duplicating the same setup and permissions as the on-premises solution, just in Azure (we would use Windows file sharing to map the shared directories for the end users). However, I have noticed that one can use WebDAV with Azure File Storage to share files as well. I believe the virtual machine setup using the virtual machine as the file server would work better for my purposes. Am I right? Does anybody have any other suggestions?
Note that we have a VPN with Azure, which we would use.
Best Answer
For your purposes I would use a VM with File Shares, the VM can be joined to your domain (or Azure AD Domain Services) and you can restrict access the same way you do now on premise. Azure File Storage is designed to allow applications to access a file share using SMB. so if you have an app on premise that uses UNC paths and SMB Protocol it can now easily moved to Azure using Azure File Storage.
Azure File Storage is not really designed to store files for users.