Ends in

SITEWIDE SALE! $3 OFF All Reviewers!

Azure Files

Azure Files

Azure Files Cheat Sheet

  • Offers fully managed cloud-based file storage that can be accessed through the industry-standard server message block (SMB) protocol.


  • Mount your Azure File share from Windows, Linux, or macOS.
  • Azure File Sync enables you to access your data from SMB, REST, or even on-premises.
  • Encrypt data at rest and in transit using SMB 3.0 and HTTPS.
  • Lift and shift applications to the cloud, where the application data is moved to Azure Files, and the application continues to run on-premises.
  • Store configuration files in a centralized location where they can be accessed from many application instances.
  • Azure Files provides the capability of taking share snapshots of file shares.

Storage Tiers

  • Premium file shares (SSD)
    • High performance & low latency, within single-digit milliseconds for most IO operations.
    • For IO-intensive workloads.
  • Tutorials dojo strip
  • Standard file shares (HDD)
    • Reliable performance for IO workloads which are less latency-sensitive.
  • If you created either a premium or a standard file share, you cannot automatically convert it to the other tier.




Billing model

Provisioned Billing Model, pay for how much storage you provision rather than how much storage you actually ask for.

Pay-As-You-Go Model, the bill will increase if you use (read/write/mount) the Azure file share more.

Redundancy options

It is available for locally redundant (LRS) and zone redundant (ZRS) storage.

It is available for locally redundant, zone redundant, geo-redundant (GRS), and geo-zone redundant (GZRS) storage.

Maximum size of file share

Provisioned for up to 100 TiB.

5 TiB by default, 100 TiB for locally redundant or zone redundant storage accounts.

Regional availability

File shares are not available in each region, but zone redundant support is available in a smaller subset of regions.

Available in every Azure region.


Supported Devices

  • To use an Azure file share outside of the Azure region the OS must support SMB 3.0
  • To mount an Azure file sharing on Windows, you must have access to port 445.

Windows version

SMB version

Mountable in Azure VM

Mountable on-premises

Windows Server 2019

SMB 3.0



Windows 101

SMB 3.0



Windows Server semi-annual channel2

SMB 3.0



Windows Server 2016

SMB 3.0



Windows 8.1

SMB 3.0



Windows Server 2012 R2

SMB 3.0



Windows Server 2012

SMB 3.0



Windows 73

SMB 2.1



Windows Server 2008 R23

SMB 2.1




  • Linux clients can also access the file storage through the SMB protocol.

Linux distribution

SMB 2.1 (Mounts on VMs within same Azure region)

SMB 3.0 (Mounts from on-premises and cross-region)




Red Hat Enterprise Linux (RHEL)












SUSE Linux Enterprise Server


12 SP3+



  • By default, encrypted with Microsoft-managed keys and responsible for rotating them on a regular basis.
  • Using Microsoft-managed keys, you can also choose to manage your own keys, which gives you control over the rotation process.
  • With customer-managed keys, Azure file storage is authorized to access your keys to fulfill read and write requests from your clients.


  • SMB uses port 445.
  • Accessible from anywhere, via the public endpoint of the storage account.
  • Azure file shares over an ExpressRoute or VPN connection:
    • Tunneling into a virtual network, even if port 445 is blocked.
    • Private endpoints give you a dedicated IP address from within the address space of the virtual network.
    • Allows you to configure DNS forwarding.
  • The UNC path format of an Azure File Share is: \\<storageAccountName>.file.core.windows.net\

Azure File Sync

  • Transform an on-premises (or cloud) Windows Server into a quick cache of your Azure file share.
  • Use Azure File Sync agent to synchronize files from a server to an Azure file share. 
  • To create sync groups, you need to deploy a Storage Sync Service.
  • A sync group defines the sync relationship between a cloud endpoint and a server endpoint.
    • Cloud endpoint – represents an Azure file share and multiple server endpoints. 
    • Server endpoint – a path registered on the Windows Server.
    • When you make changes to your cloud endpoint or server endpoint, your files are automatically synced to your sync group’s remaining endpoints.
    • When you make a change directly to the cloud endpoint, Azure files must first detect it via a change detection job, which only happens once every 24 hours.
    • A change detection job enumerates all the files in the file share and compares it to the sync version of that file. When the change detection job determines that there are changes, Azure File sync will initiate a sync session.
  • The sync group you created should only have one cloud endpoint.
  • A sync group may have server endpoints with different Active Directory memberships, even if they are not domain-joined.
  • The storage accounts used for Azure Files deployments are:
    • General purpose version 2 (GPv2) storage accounts
    • FileStorage storage accounts
  • You can use cloud tiering to cache frequently accessed files locally on the server.
  • Only NTFS volumes are supported; ReFS, FAT, FAT32, and other file systems are not supported.
  • The service supports interop with DFS Namespaces (DFS-N) and DFS Replication (DFS-R).
    • DFS-N allows you to group shared folders located on multiple servers into one or more logically structured namespaces.
    • DFS-R enables you to replicate folders across multiple servers and sites.
  • Azure File Sync has three layers of encryption:
    • Encryption at rest (Windows Server)
    • Encryption in transit
    • Encryption at rest (Azure file share)

Azure Blob vs Disk vs File Storage:


Validate Your Knowledge

Question 1

Question Type: Drag and Drop

You have an on-premises data center that contains a file server named TDFileServer1 which has 20 TB of data.

You created an Azure subscription and an Azure file share named TDFile1.

There is a requirement to transfer 20 TB of data to TDFile1 using the Azure Import/Export service.

In which order should you perform the actions?

Instructions: To answer, drag the appropriate item from the column on the left to its description on the right. Each correct match is worth one point.

Correct Answer:

(1) You prepare the external disks by attaching it to TDFileServer1 and run the WAImportExport.exe tool.

(2) You create an import job in the Azure portal.

(3) You ship the external disks to the Azure Datacenter.

(4) You update the import job in the Azure portal.

Azure Import/Export service is used to securely import large amounts of data to Azure Blob storage and Azure Files by shipping disk drives to an Azure datacenter. This service can also be used to transfer data from Azure Blob storage to disk drives and ship to your on-premises sites. Data from one or more disk drives can be imported either to Azure Blob storage or Azure Files.

Consider using Azure Import/Export service when uploading or downloading data over the network is too slow, or getting additional network bandwidth is cost-prohibitive. Use this service in the following scenarios:

– Data migration to the cloud: Move large amounts of data to Azure quickly and cost effectively.

– Content distribution: Quickly send data to your customer sites.

– Backup: Take backups of your on-premises data to store in Azure Storage.

– Data recovery: Recover large amounts of data stored in storage and have it delivered to your on-premises location.

AWS Exam Readiness Courses

To import data, the service requires you to ship supported disk drives containing your data to an Azure datacenter.

Microsoft Azure WAImportExport.exe tool is the drive preparation and repair tool that you can use with the Microsoft Azure Import/Export Service. This tool can be used in several different ways:

– Before you create an Import job, you can use this tool to copy data to the hard drives you are going to ship to a Microsoft Azure data center.

– After an import job has finished, you can use this tool to repair any blobs that were corrupted, missing, or conflicted with other blobs.

– After you receive the drives from an export job, you can use this tool to repair any files that were corrupted or missing on the drives.

The journal file stores basic information such as drive serial number, encryption key, and storage account details.

You can import the contents of FileServer1 using the following steps in order:

1. Prepare the drives and run the WAImportExport.exe tool.

– Attach the external disk to FileServer1 and run WAImportExport.exe. Each time you run the WAImportExport tool to copy files to the hard drive, the tool creates a copy session. The state of the copy session is written to the journal file.

2. You create an import job in the Azure portal.

– You must specify the following for an import job: name of the import job, type of job (import from azure or export from azure) subscription, resource group, journal file, the storage account for import destination, and the return shipping info.

3. You ship the external disks to the Azure Datacenter.

– FedEx, UPS, or DHL can be used to ship the package to Azure datacenter. You must ensure that you properly package your disks to avoid potential damage and delays in processing.

4. You update the import job in the Azure portal.

– You need to update job status and tracking info once drives are shipped and mark the checkbox against Mark as Shipped. You then provide the carrier and tracking number. If the tracking number is not updated within 2 weeks of creating the job, the job expires.

Hence, the correct order of deployment are:

1. You prepare the external disks by attaching it to FileServer1 and run the WAImportExport.exe tool.

2. You create an import job in the Azure portal.

3. You ship the external disks to the Azure Datacenter.

4. You update the import job in the Azure portal.


Note: This question was extracted from our AZ-104 Microsoft Azure Administrator Practice Exams.

For more Azure practice exam questions with detailed explanations, check out the Tutorials Dojo Portal:

Microsoft Azure Practice Exams Tutorials Dojo

Azure Files Cheat Sheet Resources:


Tutorials Dojo portal

Enroll Now – Our AWS Certification Exam Reviewers

AWS Practice Exams Tutorials Dojo

FREE AWS Exam Readiness Digital Courses

Enroll Now – Our Azure Certification Exam Reviewers

azure reviewers tutorials dojo

Enroll Now – Our Google Cloud Certification Exam Reviewers

Tutorials Dojo Exam Study Guide eBooks

tutorials dojo study guide eBook

Subscribe to our YouTube Channel

Tutorials Dojo YouTube Channel

FREE Intro to Cloud Computing for Beginners

FREE AWS, Azure, GCP Practice Test Samplers

Recent Posts

AWS, Azure, and GCP Certifications are consistently among the top-paying IT certifications in the world, considering that most companies have now shifted to the cloud. Earn over $150,000 per year with an AWS, Azure, or GCP certification!

Follow us on LinkedIn, YouTube, Facebook, or join our Slack study group. More importantly, answer as many practice exams as you can to help increase your chances of passing your certification exams on your first try!

View Our AWS, Azure, and GCP Exam Reviewers Check out our FREE courses

Our Community

passing rate
Around 95-98% of our students pass the AWS Certification exams after training with our courses.
Over 200k enrollees choose Tutorials Dojo in preparing for their AWS Certification exams.
Our courses are highly rated by our enrollees from all over the world.

What our students say about us?