![]() ![]()
The server has a SAS key that only allows for targeted file share access.Īfter initial server registration, the server receives a regional URL for the Azure File Sync service instance in that region. When the server downloads a file, then the server performs that data movement more efficiently when talking directly to the Azure file share in the Storage Account. Network file synchronization registration#This URL is accessed by the Active Directory authentication library that the Azure File Sync server registration UI uses to log in the administrator. The user performing the initial setup of Azure File Sync must be an authenticated user with subscription owner privileges. ![]() This principal is used for delegating a minimal set of rights to the Azure File Sync service. To succeed, this URL is used for user authentication.Īs part of deploying Azure File Sync, a service principal in the subscription's Azure Active Directory will be created. The following table describes the required domains for communication: ServiceĪny user call (like PowerShell) goes to/through this URL, including the initial server registration call.Īzure Resource Manager calls must be made by an authenticated user. Based on policies in your datacenter, branch or region, further restricting traffic over this port to specific domains may be desired or required. Note: The Storage Sync Agent (filesyncsvc) service will auto-start once stopped.Īs mentioned in a previous section, port 443 needs to be open outbound. Restart the Storage Sync Agent service by running the following command from an elevated command prompt or PowerShell: Run the following command from an elevated command prompt or PowerShell to set the proxy setting (change 127.0.01:8888 to the IP address and port for the proxy server): Run the following command from an elevated command prompt or PowerShell to see the existing proxy setting: Network file synchronization how to#The steps below cover how to configure the proxy settings using netsh but any method listed in the Configure proxy server settings in Windows documentation is supported. There are several methods (WPAD, PAC file, netsh, etc.) to configure a Windows Server to use a proxy server. Change 127.0.01:8888 to the IP address and port for the proxy server. NET applicationsĬ:\Windows\Microsoft.NET\Framework64\v9\Config\nfigĬ:\Windows\Microsoft.NET\Framework\v9\Config\nfigĪdd the section in the nfig files (below the section). To configure machine-wide proxy settings, follow the steps below:Ĭonfigure proxy settings for. ![]() Machine-wide proxy settings are transparent to the Azure File Sync agent as the entire traffic of the server is routed through the proxy. Set-StorageSyncProx圜onfiguration -Address $Address -Port $Port -Prox圜redential $Creds Import-Module "C:\Program Files\Azure\StorageSyncAgent\" ![]() Network file synchronization password## Please verify that you have entered the password correctly. $Creds = New-Object ($UserName, $SecurePassword) $SecurePassword = Read-Host -AsSecureString # Please type or paste a string with a password for the proxy. # The port to use for the connection to the proxy. Set-StorageSyncProx圜onfiguration -Address -Port -Prox圜redential įor example, if your proxy server requires authentication with a user name and password, run the following PowerShell commands: # IP address or name of the proxy server. PowerShell commands to configure app-specific proxy settings: Import-Module "C:\Program Files\Azure\StorageSyncAgent\" App-specific proxy settings are supported on agent version 4.0.1.0 or newer and can be configured during the agent installation or by using the Set-StorageSyncProx圜onfiguration PowerShell cmdlet. ProxyĪzure File Sync supports app-specific and machine-wide proxy settings.Īpp-specific proxy settings allow configuration of a proxy specifically for Azure File Sync traffic. to Azure.Īzure File Sync will work through any means available that allow reach into Azure, automatically adapting to various network characteristics like bandwidth, latency as well as offering admin control for fine-tuning. The Azure File Sync agent has no requirements regarding special channels like ExpressRoute, etc. Networks and special connections to Azure PortsĪzure File Sync moves file data and metadata exclusively over HTTPS and requires port 443 to be open outbound.Īs a result all traffic is encrypted. No Azure service initiates a connection to the Azure File Sync agent. The Azure File Sync agent on Windows Server initiates all requests to cloud services which results in only having to consider outbound traffic from a firewall perspective. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |