Document Details
Storage Files Identity Auth Domain Services Enable
This page contains Windows bias
About This Page
This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
Bias Analysis
Detected Bias Types
windows_first
powershell_heavy
windows_tools
missing_linux_example
Summary
The documentation page exhibits a strong Windows bias. It consistently references Windows-specific tools and workflows (such as Windows PowerShell, Windows Server Active Directory cmdlets, and Windows domain-joined VMs) and provides detailed instructions and examples only for Windows environments. There are no Linux-specific instructions or examples for mounting Azure Files with Microsoft Entra Domain Services, nor guidance for Linux domain-joined VMs or Kerberos configuration on Linux. The prerequisites and workflow are described solely from a Windows perspective.
Recommendations
- Add equivalent Linux instructions for mounting Azure Files with Microsoft Entra Domain Services authentication, including Kerberos configuration and troubleshooting.
- Provide examples using Linux command-line tools (e.g., kinit, smbclient, mount.cifs) for accessing Azure file shares with identity-based authentication.
- Include guidance for domain-joining Linux VMs to Microsoft Entra Domain Services, if supported, or clearly state any platform limitations.
- When listing tools or workflows, present both Windows and Linux options, or clarify platform support early in the document.
- If Linux is not supported for this scenario, explicitly state this in the prerequisites and introduction to set expectations.
Create Pull Request
Scan History
| Date | Scan | Status | Result |
|---|---|---|---|
| 2026-01-14 00:00 | #250 | in_progress |
Biased
|
| 2026-01-13 00:00 | #246 | completed |
Biased
|
| 2026-01-11 00:00 | #240 | completed |
Biased
|
| 2026-01-10 00:00 | #237 | completed |
Biased
|
| 2026-01-09 00:34 | #234 | completed |
Biased
|
| 2026-01-08 00:53 | #231 | completed |
Biased
|
| 2025-08-19 00:01 | #85 | completed |
 Clean
|
| 2025-07-13 21:37 | #48 | completed |
Clean
|
| 2025-07-12 23:44 | #41 | cancelled |
Biased
|
Flagged Code Snippets
# Create a new storage account
New-AzStorageAccount -ResourceGroupName "<resource-group-name>" `
-Name "<storage-account-name>" `
-Location "<azure-region>" `
-SkuName Standard_LRS `
-Kind StorageV2 `
-EnableAzureActiveDirectoryDomainServicesForFile $true
# Update a storage account
Set-AzStorageAccount -ResourceGroupName "<resource-group-name>" `
-Name "<storage-account-name>" `
-EnableAzureActiveDirectoryDomainServicesForFile $true
--- ## Recommended: Use AES-256 encryption By default, Microsoft Entra Domain Services authentication uses Kerberos RC4 encryption. We recommend configuring it to use Kerberos AES-256 encryption instead by following these instructions. The action requires running an operation on the Active Directory domain that's managed by Microsoft Entra Domain Services to reach a domain controller to request a property change to the domain object. The cmdlets below are Windows Server Active Directory PowerShell cmdlets, not Azure PowerShell cmdlets. Because of this, these PowerShell commands must be run from a client machine that's domain-joined to the Microsoft Entra Domain Services domain. > [!IMPORTANT] > The Windows Server Active Directory PowerShell cmdlets in this section must be run in Windows PowerShell 5.1 from a client machine that's domain-joined to the Microsoft Entra Domain Services domain. PowerShell 7.x and Azure Cloud Shell won't work in this scenario. Log in to the domain-joined client machine as a Microsoft Entra Domain Services user with the required permissions. You must have write access to the `msDS-SupportedEncryptionTypes` attribute of the domain object. Typically, members of the **AAD DC Administrators** group will have the necessary permissions. Open a normal (non-elevated) PowerShell session and execute the following commands.