On-premises NAS migration to Azure File Sync via Data Box

One Windows Server (or cluster) can sync up to 30 Azure file shares.

Options when you have many on‑prem shares:

• Share grouping: combine multiple on‑prem shares under a common root folder and sync that to one Azure file share.

• Volume sync: sync a volume root to a single Azure file share (consider item limits).

Keep items per share practical: tested up to 100M items, recommended <20–30M per share.

Create a namespace-to-share mapping table (template link provided).

Provision storage accounts and Azure file shares according to your mapping.

Best practice: 1 file share per storage account when needing high performance; archival/low‑activity shares can be grouped.

Ensure region matches Storage Sync Service.

Note: default file share size is 5 TiB; follow the Create an Azure file share link to make large (100 TiB) shares and consider redundancy options.

Any Data Box appliance can write to up to 10 storage accounts.

Choose Data Box Disk (up to ~40 TiB raw delivered across disks) or Data Box (rugg ed appliance, ~80 TiB usable).

Two Data Box devices may write to the same storage account, but do not split a single share’s contents across multiple Data Boxes.

Use Windows Server 2022 (minimum 2012 R2 supported); size CPU/RAM based on number of items being synced.

Use Direct Attached Storage (DAS)—NAS is not supported for Azure File Sync server endpoints.

Consider higher performance servers for large namespaces or initial sync performance.

Follow Data Box setup docs (links provided).

Use Robocopy for full fidelity (Data Box copy tools may not preserve everything).

Data Box exposes pre-provisioned SMB shares; for standard accounts look for shares ending with _AzFiles.

Use the recommended Robocopy command (shown in the article) rather than the Data Box sample command.

Deploy a Storage Sync Service in the same region as your storage accounts.

Best practice: one Storage Sync Service for servers that may sync the same files; create multiple only for fully isolated topologies.

Create a resource group and deploy in a nearby region.

Install the Azure File Sync agent on the Windows Server(s); register them to your Storage Sync Service.

Install required PowerShell modules:

Install-Module -Name Az -AllowClobber
Install-Module -Name Az.StorageSync

Ensure internet/proxy access and disable IE Enhanced Security Configuration during deployment as documented.

In the portal, create a sync group for each Azure file share (cloud endpoint).

Add server endpoint(s) that point to the local folder(s) on the Windows Server.

Enable cloud tiering and select "Namespace only" in initial download to allow local cache with full namespace while minimizing local storage consumption.

Wait for the cloud namespace to enumerate on the server before copying more data.

Monitor Event Viewer: Applications and Services → Microsoft → FileSync → Agent.

Look for Event ID 9102 indicating a completed sync session with successful download; require two consecutive such events to be confident the namespace is fully present.

After the namespace is present on the server, run Robocopy jobs from the NAS to the corresponding Windows Server folders to copy only deltas and catch up changes since the Data Box copy.

Recommended Robocopy command used in the article: robocopy <Dest.Path> /MT:20 /R:2 /W:1 /B /MIR /IT /COPY:DATSO /DCOPY:DAT /NP /NFL /NDL /XD "System Volume Information" /UNILOG:

Notes and cautions:

• Use an intermediate Windows Server 2016 for Robocopy if you must avoid regressed /MIR behavior on Server 2019 when target has tiering.

• /MIR mirrors source to target—ensure source/target paths are matched exactly to avoid deletions.

• Cloud tiering will free local space hourly; plan Robocopy runs so you don't outpace tiering and run out of local space.

• For final cutover: block user access to NAS, run Robocopy once more, then switch shares/DFS targets to the Windows Server shares.