How to use Azure file share in IIS Shared Configuration?

Posted on by No Comments ↓

This post has been republished via RSS; it originally appeared at: IIS Support Blog articles.

System administrators can use the same configuration file across multiple IIS servers thanks to Shared Configuration feature. This file is normally stored in on-prem file server. If you want to store this file in an Azure file share, there is a specific procedure that needs to be followed. Step-by-step instructions are below.

 

Note: Instead of following the instructions below, you can try to use “Map network drive” feature in Windows File Explorer or the New-PSDrive command below. In my case, these options didn’t provide a permanent solution (Settings were reverted after a server restart).

 

New-PSDrive -Name Z -PSProvider FileSystem -Root "\\name.file.core.windows.net\sms-standard-storage" -Credential $credential -Persist -Scope global

 

 

Step-by-step instructions

Please follow the steps below to link your Azure file share in your IIS server.

  1. Open Azure dashboard
  2. Go to “Storage accounts > name-of-the-storage > Access keys
  3. Copy the storage account name and key to notepad
  4. Login to the IIS server
  5. Run the command below. It will create a network share that will be used by IIS
    net use * \\name.file.core.windows.net\sms-standard-storage /User:your-storage-account-name your-key
  6. Create a local user account in IIS server: “Windows Server (Computer Management > Local Users and Groups > Users > Right click > New User)
  7. Name of the local account should be exactly the same as your storage account name
  8. The password of the local account should be exactly the same as your storage account’s key
  9. Check “User cannot change password” and “Password never expires” options. Click OK
  10. Add the account you created to the IIS_IUSRS group (Computer Management > Local Users and Groups > Groups > IIS_IUSRS > Properties > Add)
  11. The rest of the steps are for setting up IIS Shared Configuration (The article explains as well)
 

azure-file-share.jpg

Step 3: Copy storage account name and key

 

The main point in the process is that using a local user account that has the same username and password (key) as your storage account in Azure.

 

Can I use a service account instead of a local account?

As of now, I am not aware of a way to use a service account to access an Azure file share via IIS. If you access it manually (login to server and go to the path in File Explorer), you can use persistent connections (Another resource is here). However, if you want IIS to access to the share, using a local account seems to be the only way.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.