2020-12-30

Azure Note: ADDS integrated Azure File Share with Private Endpoint

ADDS integrated Azure File Share

1. Azure vNet DNS set to ADDS DNS

2. Add Private DNS zone (Or Auto Create in Step 3.2.3)
2.1 Named: privatelink.file.core.windows.net
2.2 Add Virtual Network Link

3. Add Storage Account

3.1 LRS
3.2 Add Private Endpoint
3.2.1 Storage Sub-resource: file
3.2.2 PrivateLink Subnet
3.2.3 Integrate with private DNS zone
3.3 Soft delete for file shares
3.4 (Must) Secure transfer required
(Optional) Large File Share

4. Storage Account Networking -> Private endpoint -> DNS Configuration -> Add DNS configuration

5. Create DNS Zone (privatelink.file.core.windows.net) and add A Record of StorageAccountName and PrivateEndpoint IP
nslookup StorageAccountName.file.core.windows.net
nslookup StorageAccountName.privatelink.file.core.windows.net
Ensure both resolve to the private endpoint's private IP

6. Join ADDS

7. Add File Share with Hot Tier

8. Assign Share Permission

9. Mount File Share with Key in a non-elevated cmd

10. Assign NTFS Permission

11. Unmount File Share

12. Mount File Share as another user on another On-Premise VM
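
The "ensure private ip" check in step 5 can be scripted so it is repeatable on every client that will mount the share. The following is an added example, not part of the original note: it parses saved nslookup output and confirms that every answer falls inside the PrivateLink subnet. The account name, DNS server name, IP addresses and the 10.0.1.0/24 subnet are constructed sample values.

```python
import ipaddress

# Constructed nslookup output (not captured from a real environment).
GOOD = """\
Server:  dc01.corp.example
Address:  10.0.0.4

Name:    mystorageacct.privatelink.file.core.windows.net
Address:  10.0.1.5
Aliases:  mystorageacct.file.core.windows.net
"""

# Constructed failure case: the name resolves outside the PrivateLink subnet.
BAD = """\
Server:  dc01.corp.example
Address:  10.0.0.4

Non-authoritative answer:
Name:    public-endpoint.example
Address:  203.0.113.10
Aliases:  mystorageacct.file.core.windows.net
"""

def answer_addresses(nslookup_output):
    """IPs from the answer section; the resolver's own Address line is skipped."""
    in_answer, found = False, []
    for line in nslookup_output.splitlines():
        if line.strip().lower().startswith("name:"):
            in_answer = True  # everything before this describes the DNS server
            continue
        if not in_answer:
            continue
        for token in line.split():
            try:
                found.append(ipaddress.ip_address(token))
            except ValueError:
                pass  # labels such as "Address:" or alias host names
    return found

def resolves_privately(nslookup_output, privatelink_subnet):
    """True only if there is an answer and every address is in the subnet."""
    subnet = ipaddress.ip_network(privatelink_subnet)
    addrs = answer_addresses(nslookup_output)
    return bool(addrs) and all(a in subnet for a in addrs)

if __name__ == "__main__":
    for label, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, resolves_privately(text, "10.0.1.0/24"))
```

An empty or failed lookup is treated as a failure, so a client that cannot resolve the name at all is not reported as passing.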
