search

Azure / azure-rest-api-specs

The source for REST API specifications for Microsoft Azure.
MIT License
2.68k stars 5.1k forks source link

Storage Account azureFilesIdentityBasedAuthentication AADDS return unrelated fields #12473

Open yupwei68 opened 3 years ago

yupwei68 commented 3 years ago

When we update "azureFilesIdentityBasedAuthentication" to "AADDS " , it returns unrelated fields in "azureFilesIdentityBasedAuthentication" which were previously set. This is different from the previous service action.

  1. create a storage account

  2. update the storage account with azureFilesIdentityBasedAuthentication AD PATCH /subscriptions/.../resourceGroups/acctestRG-storage-210118163540393917/providers/Microsoft.Storage/storageAccounts/unlikely23exst2acctkfds9?api-version=2019-06-01 HTTP/1.1

{"properties":{"azureFilesIdentityBasedAuthentication":{"directoryServiceOptions":"AD","activeDirectoryProperties":{"domainName":"adtest2.com","netBiosDomainName":"adtest2.com","forestName":"adtest2.com","domainGuid":"13a20c9a-d491-47e6-8a39-299e7a32ea27","domainSid":"S-1-5-21-2400535526-2334094090-2402026252-1112","azureStorageSid":"S-1-5-21-2400535526-2334094090-2402026252-1112"}}}}

Response: HTTP/2.0 200 OK Cache-Control: no-cache Content-Type: application/json Date: Mon, 18 Jan 2021 08:38:31 GMT Expires: -1 Pragma: no-cache Server: Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Accept-Encoding X-Content-Type-Options: nosniff X-Ms-Correlation-Request-Id: e6504962-8c18-f78e-fbe8-b2af56615b2c X-Ms-Ratelimit-Remaining-Subscription-Writes: 1198 X-Ms-Request-Id: 9f7b92e6-c1e4-4bad-b295-b8a415fb9615 X-Ms-Routing-Request-Id: SOUTHEASTASIA:20210118T083832Z:8805ac75-457c-4a91-aa36-cca742cf7c8a {"sku":{"name":"Standard_LRS","tier":"Standard"},"kind":"StorageV2","id":"/subscriptions/.../resourceGroups/acctestRG-storage-210118163540393917/providers/Microsoft.Storage/storageAccounts/unlikely23exst2acctkfds9","name":"unlikely23exst2acctkfds9","type":"Microsoft.Storage/storageAccounts","location":"westeurope","tags":{"environment":"production"},"properties":{"privateEndpointConnections":[],"azureFilesIdentityBasedAuthentication":{"directoryServiceOptions":"AD","activeDirectoryProperties":{"domainName":"adtest2.com","netBiosDomainName":"adtest2.com","forestName":"adtest2.com","domainGuid":"13a20c9a-d491-47e6-8a39-299e7a32ea27","domainSid":"S-1-5-21-2400535526-2334094090-2402026252-1112","azureStorageSid":"S-1-5-21-2400535526-2334094090-2402026252-1112"}},"minimumTlsVersion":"TLS1_0","allowBlobPublicAccess":false,"isHnsEnabled":false,"networkAcls":{"bypass":"AzureServices","virtualNetworkRules":[],"ipRules":[],"defaultAction":"Allow"},"supportsHttpsTrafficOnly":true,"encryption":{"services":{"file":{"keyType":"Account","enabled":true,"lastEnabledTime":"2021-01-18T08:36:03.2548159Z"},"blob":{"keyType":"Account","enabled":true,"lastEnabledTime":"2021-01-18T08:36:03.2548159Z"}},"keySource":"Microsoft.Storage"},"accessTier":"Hot","provisioningState":"Succeeded","creationTime":"2021-01-18T08:36:03.1610291Z","primaryEndpoints":{"dfs":"https://unlikely23exst2acctkfds9.dfs.core.windows.net/","web":"https://unlikely23exst2acctkfds9.z6.web.core.windows.net/","blob":"https://unlikely23exst2acctkfds9.blob.core.windows.net/","queue":"https://unlikely23exst2acctkfds9.queue.core.windows.net/","table":"https://unlikely23exst2acctkfds9.table.core.windows.net/","file":"https://unlikely23exst2acctkfds9.file.core.windows.net/"},"primaryLocation":"westeurope","statusOfPrimary":"available"}}

  1. update the storage account with azureFilesIdentityBasedAuthentication AADDS PATCH /subscriptions/.../resourceGroups/acctestRG-storage-210118163540393917/providers/Microsoft.Storage/storageAccounts/unlikely23exst2acctkfds9?api-version=2019-06-01 HTTP/1.1 {"properties":{"azureFilesIdentityBasedAuthentication":{"directoryServiceOptions":"AADDS"}}}

HTTP/2.0 200 OK Cache-Control: no-cache Content-Type: application/json Date: Mon, 18 Jan 2021 08:39:38 GMT Expires: -1 Pragma: no-cache Server: Microsoft-Azure-Storage-Resource-Provider/1.0,Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Accept-Encoding X-Content-Type-Options: nosniff X-Ms-Correlation-Request-Id: e6504962-8c18-f78e-fbe8-b2af56615b2c X-Ms-Ratelimit-Remaining-Subscription-Writes: 1199 X-Ms-Request-Id: f6187eaa-f240-4e2a-830f-91642f9a6f87 X-Ms-Routing-Request-Id: SOUTHEASTASIA:20210118T083938Z:801b2065-1c6a-4595-84b9-7ed6897553f1

{"sku":{"name":"Standard_LRS","tier":"Standard"},"kind":"StorageV2","id":"/subscriptions/.../resourceGroups/acctestRG-storage-210118163540393917/providers/Microsoft.Storage/storageAccounts/unlikely23exst2acctkfds9","name":"unlikely23exst2acctkfds9","type":"Microsoft.Storage/storageAccounts","location":"westeurope","tags":{"environment":"production"},"properties":{"privateEndpointConnections":[],"azureFilesIdentityBasedAuthentication":{"directoryServiceOptions":"AADDS","activeDirectoryProperties":{"domainName":"adtest2.com","netBiosDomainName":"adtest2.com","forestName":"adtest2.com","domainGuid":"13a20c9a-d491-47e6-8a39-299e7a32ea27","domainSid":"S-1-5-21-2400535526-2334094090-2402026252-1112","azureStorageSid":"S-1-5-21-2400535526-2334094090-2402026252-1112"}},"minimumTlsVersion":"TLS1_0","allowBlobPublicAccess":false,"isHnsEnabled":false,"networkAcls":{"bypass":"AzureServices","virtualNetworkRules":[],"ipRules":[],"defaultAction":"Allow"},"supportsHttpsTrafficOnly":true,"encryption":{"services":{"file":{"keyType":"Account","enabled":true,"lastEnabledTime":"2021-01-18T08:36:03.2548159Z"},"blob":{"keyType":"Account","enabled":true,"lastEnabledTime":"2021-01-18T08:36:03.2548159Z"}},"keySource":"Microsoft.Storage"},"accessTier":"Hot","provisioningState":"Succeeded","creationTime":"2021-01-18T08:36:03.1610291Z","primaryEndpoints":{"dfs":"https://unlikely23exst2acctkfds9.dfs.core.windows.net/","web":"https://unlikely23exst2acctkfds9.z6.web.core.windows.net/","blob":"https://unlikely23exst2acctkfds9.blob.core.windows.net/","queue":"https://unlikely23exst2acctkfds9.queue.core.windows.net/","table":"https://unlikely23exst2acctkfds9.table.core.windows.net/","file":"https://unlikely23exst2acctkfds9.file.core.windows.net/"},"primaryLocation":"westeurope","statusOfPrimary":"available"}}

blueww commented 3 years ago

@zfchen95 Would you please help to look at the server issue? Why "activeDirectoryProperties" is not clean up when we change "directoryServiceOptions" from "AD" to "AADDS"?

@yupwei68 As I remember, per feature team, to change the "directoryServiceOptions" from "AD" to "AADDS", or vice verse, we should first set it to "None", then change to "AD" or "AADDS". If you change it in this way, the "activeDirectoryProperties" will be clean up per my test.

zhenglaizhang commented 3 years ago

Hi @yupwei68 @zfchen95 any update for this thanks!

yupwei68 commented 3 years ago

@zhenglaizhang I've taken the workaround the first set it to "None", before changing the "directoryServiceOptions"