Enable Azure Active Directory Kerberos authentication – Step by Step

Azure AD Kerberos. Allows you to connect to Azure File Shares using Azure Active Directory Credentials. Unfortunately, the identities (user) must still be synchronized from Active Directory to Azure Active Directory. But only this option allows you to connect to Azure File Shares from computers connected to Azure Active Directory and not to Active Directory.

  • Configure Kerberos authentication for Azure files:

Provide AD details acquired by:

$domainInformation = Get-ADDomain

$domainGuid = $domainInformation.ObjectGUID.ToString()

$domainName = $domainInformation.DnsRoot



  • Configure the private link and make sure it resolves correctly (optional).
  • MFA excluded for Application [Storage Account]:


  • API permission granted for [Storage Account] application:


Now you should be able to browse the Azure File Share.