Extend Azure® AD Identities To Samba File Servers

By Zach DeMeyer Posted May 10, 2019

Many organizations leverage on-prem file servers, such as Samba file servers and NAS appliances. As solutions such as Synology®, QNAP®, SoftNAS, FreeNAS, and others have emerged, they are a more attractive option than the expensive Windows® File Server, and sometimes even more attractive than cloud storage options as well.

Additionally, IT organizations are leveraging cloud solutions like Office 365™ and Azure® more and more, so the question becomes, can you eliminate the need for an on-prem Microsoft® Active Directory® (AD) or LDAP instance, and use Azure AD identities to log into Samba file servers and NAS appliances?

The Unfortunate Truth

Unfortunately, IT admins cannot use their Azure AD (AAD) instance to natively authenticate user identities to on-prem Samba file servers or NAS appliances. The identity management capabilities of AAD mostly consist of extending on-prem Active Directory to cloud resources kept in Azure. This ability also extends identities to several web applications, creating a semblance of single sign-on (SSO) for Azure users.

Admins can use their legacy, on-prem Active Directory instance to manage Samba servers or NAS appliances, but that, of course, defeats the purpose. IT admins are looking to eliminate their on-prem AD, yet still reap the benefits of on-prem file solutions like Samba servers. Since the use of AAD is aimed towards pushing IT functions to the cloud, will the solution be able to manage an IT organization’s identities like Active Directory in the cloud?

Managing Identities in the Cloud

Microsoft representatives have stated that AAD is not a cloud replacement for on-prem Active directory. For organizations that are looking towards the cloud for comprehensive identity management (a.k.a. an identity provider or directory service), AAD is not able to meet those needs. So, what can those organizations do?

Thankfully, there is a next-generation cloud directory service that acts as a full cloud replacement for Active Directory. This third party solution takes replacing AD a step further, authenticating access to all major system platforms (Windows, Mac®, Linux®), Infrastructure-as-a-Service platforms (AWS®, Azure, GCP™), a host of on-prem and cloud applications (through LDAP and SAML), as well as networks (via RADIUS).

Extend Identities to Samba File Servers with JumpCloud®

JumpCloud Directory-as-a-Service® has reimagined Active Directory for modern IT environments. Directory-as-a-Service creates a True Single Sign-On™ experience for IT admins and end users, allowing them to use one password for all of their IT resources.

While you can’t extend identities to Samba servers natively from AAD, you can use JumpCloud to bridge your AAD identities to other IT resources, including on-prem Samba file servers and NAS appliances. Of course, that is only a part of the greater whole that is Directory-as-a-Service.

Try JumpCloud Free

You can use JumpCloud to extend Azure AD identities to Samba file servers, as well as virtually all of your IT org’s resources for free for up to ten users today. Simply sign up for Directory-as-a-Service and start exploring what you can do with JumpCloud.

After using your ten free users (which are free forever), you can explore our pricing options. If you have any questions or comments, feel free to contact us, or check out our YouTube channel for more info.

Zach DeMeyer

Zach is a writer and researcher for JumpCloud with a degree in Mechanical Engineering from the Colorado School of Mines. He loves being on the cutting edge of new technology, and when he's not working, he enjoys all things outdoors, making music, and soccer.

Recent Posts