Add the Azure Data Lake Storage Gen2 Virtual Client with IAM AD Application

To add the Azure Data Lake Storage Gen2 virtual client using non-Azure virtual machines (VMs) as access nodes, create an Azure Active Directory (AD) application, and then assign the Storage Blob Data Owner role to the application. Then, add the virtual client using the IAM AD role assignment type of authentication.

Assign the Storage Blob Data Owner Role to the AD Application

  1. On the Azure portal, create an Azure AD application.

  2. Add the Storage Blob Data Owner role to the Azure AD application.

  3. Generate and save a client secret for the Azure AD application.

  4. Record the application ID and the tenant ID of the application that you created.
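
The four portal steps above can also be scripted with the Azure CLI. The following is an added example, not part of the original procedure or the product's own tooling; the app name, subscription, resource group and account values are placeholders, and scoping the role to a single storage account with a one-year secret is an assumption made here to keep the grant narrow.

```bash
#!/usr/bin/env bash
# Added example: Azure-side preparation with the Azure CLI instead of the portal.
# All names passed in (app, subscription, resource group, account) are placeholders.
LC_ALL=C  # make the a-z range in the name check match lowercase ASCII only

# Build the resource ID of one storage account, used as the role-assignment scope.
storage_scope() {  # args: subscription-id resource-group storage-account
  printf '/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Storage/storageAccounts/%s' \
    "$1" "$2" "$3"
}

# Storage account names are 3-24 characters, lowercase letters and digits only.
valid_account_name() {
  case "$1" in
    *[!a-z0-9]*|"") return 1 ;;
  esac
  [ "${#1}" -ge 3 ] && [ "${#1}" -le 24 ]
}

# Steps 1-4 in one call: create the application and its service principal,
# assign Storage Blob Data Owner on the one storage account (assumed scope),
# generate a secret, and print the three values the credential dialog asks for.
create_backup_app() {  # args: app-name subscription-id resource-group storage-account
  valid_account_name "$4" || { echo "invalid storage account name: $4" >&2; return 2; }
  az ad sp create-for-rbac \
    --name "$1" \
    --role "Storage Blob Data Owner" \
    --scopes "$(storage_scope "$2" "$3" "$4")" \
    --years 1 \
    --query "{applicationId:appId, tenantId:tenant, applicationSecret:password}" \
    --output json
}

# Runs only when called with --apply, for example:
#   ./prepare-adls-app.sh --apply <app-name> <subscription-id> <resource-group> <account>
if [ "${1:-}" = "--apply" ]; then
  shift
  create_backup_app "$@"
fi
```

The secret is printed once in the JSON output; store it in a secrets manager rather than in shell history or a log file.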

Add the Virtual Client with IAM AD Application

  1. From the CommCell Browser, right-click Client Computers, and then click New Client > Cloud Storage > Azure Data Lake Storage Gen2.

    The New Azure Data Lake Client dialog box appears.

  2. On the General tab, provide the following details:

    1. In the Client Name box, type a name for the new client.

    2. In the Instance Name box, type a name for the instance.

    3. In the Access Node box, select one or more proxy client computers or the client group where the Cloud Apps package is installed.

      Note

      • The proxy client computers must be of similar operating system type.

      • All clients in the client group must be reachable through network routes.

    4. In the Storage Policy box, select a storage policy for the backup and restore operations.

    5. In the Number of Data Backup Streams box, type the number of data streams to use for backups. The maximum value is 99.

      Note

      The number of streams must not exceed the maximum number configured in the subclient storage policy. The CommServe allocates streams depending on the availability of resources.

  3. On the Connection Details tab, enter the following details:

    1. In the Host URL box, enter the Azure Data Lake Storage Gen2 service account URL.

      For example, enter dfs.core.windows.net.

    2. From the Authentication Type list, select IAM AD application.

    3. Enter credentials:

      • To select an existing credential: From the Credential list, select the credential that you want to use.

      • To create a new credential, do the following:

      1. From the Credential list, click Create New.

        The Create user credential dialog box appears.

      2. In the Credential name box, enter a name for the credentials.

      3. Enter the following information:

        • Tenant ID: Enter the tenant ID of the Azure AD application.

        • Application ID: Enter the application ID of the Azure AD application.

        • Application Secret: Enter the application secret of the Azure AD application.

        • Environment: Select the region where you deployed the Azure cloud.

      4. Click OK.

    4. In the Account Name box, enter the name of the Azure Data Lake Storage Gen2 account.

  4. Click OK.
