使用Powershell订阅附带的Azure AD在DSC中创建用户 [英] Creating users using DSC in Azure AD that comes with subscription from powershell
问题描述
大家好,
我想在我的Azure订阅中创建一组用户.稍后,我将使用这些用户作为通过DSC对自动生成的资源组具有特定权限的帐户.我设法通过PowerShell直接在随附的AD中创建用户 订阅.我希望此脚本能够在任何订阅中运行.我希望脚本仅管理脚本中提到的特定用户和角色集,任何其他用户都必须保留.最重要的是;订阅的所有者帐户 必须保持不变.
I want to create a set of users within my Azure subscription. I will use these users later as accounts with specific rights on automatic generated resource groups via DSC. I managed to create the users directly via PowerShell into the AD that comes with the subscription. I want this script to be able to run within any subscription. I want the script ONLY to manage the specific set of users and roles mentioned in my script any other users must be kept. Most importantly; the owner account of the subscription must remain unchanged.
在大多数Azure资源中,可以转到自动化"刀片并复制可用于DSC的json.对于订阅附带的AD,这似乎是不可能的,对于整个AD而言,对于部分用户或组而言,都是不可能的.
In most Azure resources it is possible to go to the 'Automation' blade and copy the json that can be used for DSC. With the AD that comes with the subscription this does not seem possible, not for the AD as a whole, nor for the parts of the users or groups.
我想知道如果为该特定AD创建DSC脚本并仅提供我需要存在的一组用户和角色,将会发生什么情况.会删除所有其他用户吗?我有点害怕通过我的订阅来试用:S
I was wondering what would happen if a create a DSC script for that specific AD and only supply the set of users and roles that I need to exist. Will it delete all other users? I'm a bit scared to try it out with my subscription :S
预先感谢
Martijn
推荐答案
True -DisplayName" Abby Brown" -PasswordProfileTrue -DisplayName "Abby Brown" -PasswordProfile
PasswordProfile -MailNickName"AbbyB" -UserPrincipalName"AbbyB@contoso.com"PasswordProfile -MailNickName "AbbyB" -UserPrincipalName "AbbyB@contoso.com"要修改用户的角色,我建议您可以尝试以下cmdlet:
New-AzureRmRoleAssignment -SignInName <email of user> -RoleDefinitionName <role name in quotes> -ResourceGroupName <resource group name>能否详细说明"DSC配置"有AD的用户.
有关更多信息,建议您参考 使用RBAC和Azure PowerShell管理访问权限.
For more information, suggest you to refer Manage access using RBAC and Azure PowerShell.
这篇关于使用Powershell订阅附带的Azure AD在DSC中创建用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
