The instructions to install the AzFilesHybrid module are incorrect/unclear

[delgadoa1]

The 2nd paragraph in this section: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-enable#download-azfileshybrid-module

tells you to install and execute the module, but that doesn't seem like the right verbage to use as running "Install-Module AzFilesHybrid -Force" throws an error: No match was found for the specified search criteria and module name "AzFilesHybrid"

Instead, what does work is the following steps with Importing the module instead of installing it

1. Open PowerShell/ISE as admin
2. Set execution policy for CurrentUser to unrestricted.
3. change directory to the unzipped folder
4. Run .\CopytoPSPath.ps1
5. Import-Module -Name AzFilesHybrid -Verbose

I only found this out after having trouble understanding the steps and needing to Google it. I found this answer from the comments on this page https://blog.simontimms.com/2022/02/16/install-azfileshybrid-powershell/

---

Document Details

⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.

• ID: 7a1a9f3d-5733-012a-a0d7-c00ec21b9232
• Version Independent ID: 1e70ab95-9488-5aa3-b8ef-e58b3e0067bb
• Content: Enable AD DS authentication for Azure file shares
• Content Source: articles/storage/files/storage-files-identity-ad-ds-enable.md
• Service: azure-file-storage
• GitHub Login: @khdownie
• Microsoft Alias: kendownie

[ManoharLakkoju-MSFT]

@delgadoa1 Thanks for your feedback! We will investigate and update as appropriate.

[khdownie]

@delgadoa1 The actual steps of running CopytoPSPath.ps1 and Import-Module to install the module are in the code sample in section “Run Join-AzStorageAccount” - however I agree that we could make this clearer upfront. I will create a work item to edit the doc. Thank you.

[khdownie]

This has been addressed/fixed: https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-enable#download-azfileshybrid-module

[khdownie]

please-close

[dss010101]

i followed these steps precisely and i still get

PackageManagement\Install-Package : No match was found for the specified search criteria and module name 'AzFilesHybrid'. Try Get-PSRepository to see all available registered module repositories.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:1809 char:21
+ ...          $null = PackageManagement\Install-Package @PSBoundParameters
+                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Microsoft.Power....InstallPackage:InstallPackage) [Install-Package], Exception
    + FullyQualifiedErrorId : NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.InstallPackage

[dss010101]

I updated my powershell to the latest version and it worked. i see it speit back my account and subscription/tenant ids. But then i see this

Assert-IsDomainJoined: The cmdlet, script, or module must be run in a domain-joined environment.

What does that mean? Also on the documentation name, what is the "SamAccountName" and "OutDistinguishedName"?

[khdownie]

You must run the script on a device that's domain joined to your on-premises AD DS, using on-premises AD DS credentials that have permissions to create a computer account or service logon account in the target AD (such as domain admin). Domain joined simply means that the client device is joined to your existing domain.

[khdownie]

$SamAccountName is the name of the to-be-created AD object, which is used by AD as the logon name for the object.

$OuDistinguishedName is an optional parameter that represents the distinguished name of your organizational unit. To find the DN of an OU, you can use the Active Directory Users and Computers tool, and select the Attribute Editor tab of the OU Properties. If you don't provide the OU name as an input parameter, the AD identity that represents the storage account is created under the root directory.

[dss010101]

we dont have on an prem AD DS per se. We use mostly cloud PaaS infra, such as Postgress flexible server and Container Apps.

in order to get this to work, i had to do a couple of additional steps not documented at this link: https://blog.simontimms.com/2022/02/16/install-azfileshybrid-powershell/

-for SamAccount i used my email i login to for the org's cloud AD.
-make a call to Connect-AzAccount passing the tenant id -make a call to Select-AzSubscription with the subscription id

i also did an az login before the above. In the end though it seems it was all for naught because to share a storage container, i think you need to be able to assign roles - and as a "Contributor" i can create resources, but not assign roles.