Unable to join Storage Account to AD

Avatar
Alex Durrant

Hi guys,

 

Using Nerdio for the first time to create Azure Files, I am running into issues with an "Access is denied" error which pointed me to this article: https://nmehelp.getnerdio.com/hc/en-us/articles/26124331520525-Permissions-Required-to-Join-Azure-Files-Share-to-Domain-Active-Directory

 

However, for the sake of testing, I have added my account to domain admins, make sure this account is a contributor on the Azure subscription and additionally made sure that the account is added within the default domain controllers GPO for 'Enable computer and user accounts to be trusted for delegation' but still receiving the same error, the account details are correct as the temp VM does indeed join to the domain but the storage account does not (I have selected using a computer account over an user account in nerdio settings).

 

Any ideas?

0

Comments (2 comments)

Sort by
0
Avatar
Stefan Beckmann

Hi Alex Durrant
Can you perhaps send more details, e.g. what do you see in the task in Nerdio? You can log on to the temporary VM, there are certainly logs there. Unfortunately I don't know where they are without trying it myself. But maybe you can find them. (would start under C:\Windows\Temp)

0
Avatar
Alex Durrant

Hi Stefan,

Late reply, but we managed to sort this, it was due to myself editing the resource rules to the tempVM that is automatically created to join the storage account to AD defaulted to Windows 11 instead of a windows server, thus the script that I suspect relied on AD powershell which obviously by default isn't installed on Windows 11. Once it was allowed to run on windows server, all was well!

Please sign in to leave a comment.