Windows 10 NTFS permissions for Azure AD account

Tags: azure-activedirectory, office365, windows 10

I joined Windows 10 to Azure Active Directory and signed in with my Azure AD email address and password.

whoami returns AzureAD\<Full Name> and the NTFS permissions of the user profile folder also show the folder owner as AzureAD\<Full Name>. The user has a profile folder called Users\<Full Name>.

However I am unable to select this user at all in the Select a principal dialog when I want to grant permissions to other folders. What is the correct syntax for Azure AD users?

When using just Azure AD accounts, there are no user accounts at all in Local Users (unlike a Microsoft Account which is linked to a local user).

Best Answer

Newer versions show the actual domain name, but the same issue still exists. You can use PowerShell to set the permissions.

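    # Folder whose ACL will be changed
    $dir = Get-Item -Path 'C:\users\jshelby\Desktop\testdir\'
    # Read only the access rules (DACL) of the folder
    $acl = $dir.GetAccessControl('Access')
    $username = 'domain\username'
    # Allow Modify, inherited by subfolders and files
    $AccessRights = New-Object System.Security.AccessControl.FileSystemAccessRule($username,'Modify','ContainerInherit,ObjectInherit','None','Allow')
    $acl.SetAccessRule($AccessRights)
    # Write the updated ACL back to the same folder
    Set-Acl -Path $dir.FullName -AclObject $acl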
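
Added example, not part of the original answer: the same grant made by SID, so the account-name syntax never has to be typed, with the principal validated before the ACL is written and the result read back. It assumes Windows PowerShell 5.1; `Grant-FolderModify`, the `C:\Temp\testdir` path and `AzureAD\username` are hypothetical placeholders.

```powershell
# Added example. Grant-FolderModify is a hypothetical helper name.
function Grant-FolderModify {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Defaults to the SID of the signed-in user, so no name has to be typed.
        [System.Security.Principal.IdentityReference] $Identity =
            [System.Security.Principal.WindowsIdentity]::GetCurrent().User
    )

    # If an account name was passed, resolve it to a SID first.
    # Translate() throws IdentityNotMappedException when the name cannot be
    # resolved, so a mistyped principal never reaches the ACL.
    $sid = $Identity.Translate([System.Security.Principal.SecurityIdentifier])

    $dir = Get-Item -LiteralPath $Path
    $acl = $dir.GetAccessControl('Access')   # DACL only, as in the answer above

    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $sid, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl.SetAccessRule($rule)
    Set-Acl -LiteralPath $dir.FullName -AclObject $acl

    # Read the ACL back and return the explicit (non-inherited) entries for that SID.
    (Get-Acl -LiteralPath $dir.FullName).GetAccessRules($true, $false,
        [System.Security.Principal.SecurityIdentifier]) |
        Where-Object { $_.IdentityReference -eq $sid }
}

# Signed-in user (the account whoami prints), resolved by SID.
Grant-FolderModify -Path 'C:\Temp\testdir'        # constructed path

# Another principal, passed as a name and validated before use.
$name = New-Object System.Security.Principal.NTAccount('AzureAD\username')  # placeholder
Grant-FolderModify -Path 'C:\Temp\testdir' -Identity $name
```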