az netappfiles account ad
Manage Azure NetApp Files (ANF) Account active directories.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az netappfiles account ad add |
Add an active directory to the account. |
Core | GA |
| az netappfiles account ad list |
List the active directories of an account. |
Core | GA |
| az netappfiles account ad remove |
Remove an active directory from the account. |
Core | GA |
| az netappfiles account ad show |
Get the specified ANF active directory. |
Core | GA |
| az netappfiles account ad update |
Updates an active directory to the account. |
Core | GA |
| az netappfiles account ad wait |
Place the CLI in a waiting state until a condition is met. |
Core | GA |
az netappfiles account ad add
Add an active directory to the account.
az netappfiles account ad add --account-name --name
--resource-group
[--active-directory-id]
[--ad-name]
[--administrators]
[--aes-encryption {0, 1, f, false, n, no, t, true, y, yes}]
[--allow-local-ldap-users --allow-local-nfs-users-with-ldap {0, 1, f, false, n, no, t, true, y, yes}]
[--backup-operators]
[--dns]
[--domain]
[--encrypt-dc-conn --encrypt-dc-connections {0, 1, f, false, n, no, t, true, y, yes}]
[--kdc-ip]
[--ldap-over-tls {0, 1, f, false, n, no, t, true, y, yes}]
[--ldap-search-scope]
[--ldap-signing {0, 1, f, false, n, no, t, true, y, yes}]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--organizational-unit]
[--password]
[--preferred-servers-for-ldap-client]
[--security-operators]
[--server-root-ca-cert --server-root-ca-certificate]
[--site]
[--smb-server-name]
[--username]Examples
Add an active directory to the account
az netappfiles account ad add -g mygroup -a myname --username aduser --password aduser --smb-server-name SMBSERVER --dns 1.2.3.4 --domain westcentralusRequired Parameters
The name of the NetApp account.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Id of the Active Directory.
Name of the active directory machine. This optional parameter is used only while creating kerberos volume.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
If enabled, AES encryption will be enabled for SMB communication.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Name of the Active Directory domain.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Kdc server IP address for the active directory machine. This optional parameter is used only while creating kerberos volume.
Specifies whether or not the LDAP traffic needs to be secured via TLS.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
LDAP Search scope options Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Specifies whether or not the LDAP traffic needs to be signed.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
The Organizational Unit (OU) within the Windows Active Directory.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Default value: | CN=Computers |
Plain text password of Active Directory domain administrator, value is masked in the response.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
The Active Directory site the service will limit Domain Controller discovery to.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
A domain user account with permission to create machine accounts.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles account ad list
List the active directories of an account.
az netappfiles account ad list --account-name --name
--resource-groupExamples
List the active directories of an account.
az netappfiles account ad list -g mygroup -a mynameRequired Parameters
The name of the NetApp account.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles account ad remove
Remove an active directory from the account.
az netappfiles account ad remove --account-name --name
--active-directory --active-directory-id
--resource-group
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--yes]Examples
Remove an active directory from the account
az netappfiles account ad remove -g mygroup --name myname --active-directory-id 13641da9-c0e9-4b97-84fc-4f8014a93848Required Parameters
The name of the NetApp account.
Id of the Active Directory.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Do not prompt for confirmation.
| Property | Value |
|---|---|
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles account ad show
Get the specified ANF active directory.
az netappfiles account ad show --account-name --name
--active-directory-id
--resource-groupExamples
Get an active directory on the account
az netappfiles account ad show -g mygroup --name myname --active-directory-id 13641da9-c0e9-4b97-84fc-4f8014a93848Required Parameters
The name of the NetApp account.
Id of the Active Directory.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles account ad update
Updates an active directory to the account.
az netappfiles account ad update --account-name --name
--active-directory-id
--resource-group
[--ad-name]
[--add]
[--administrators]
[--aes-encryption {0, 1, f, false, n, no, t, true, y, yes}]
[--allow-local-ldap-users --allow-local-nfs-users-with-ldap {0, 1, f, false, n, no, t, true, y, yes}]
[--backup-operators]
[--dns]
[--domain]
[--encrypt-dc-connections {0, 1, f, false, n, no, t, true, y, yes}]
[--force-string {0, 1, f, false, n, no, t, true, y, yes}]
[--kdc-ip]
[--ldap-over-tls {0, 1, f, false, n, no, t, true, y, yes}]
[--ldap-search-scope]
[--ldap-signing {0, 1, f, false, n, no, t, true, y, yes}]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--organizational-unit]
[--password]
[--preferred-servers-for-ldap-client]
[--remove]
[--security-operators]
[--server-root-ca-cert --server-root-ca-certificate]
[--set]
[--site]
[--smb-server-name]
[--username]Examples
Update an active directory on the account
az netappfiles account ad update -g mygroup --name myname --active-directory-id 13641da9-c0e9-4b97-84fc-4f8014a93848 --username ad_username --password ad_password --domain northeurope --dns 1.2.3.4 --smb-server-name SMBSERVERRequired Parameters
The name of the NetApp account.
Id of the Active Directory.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Name of the active directory machine. This optional parameter is used only while creating kerberos volume.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
If enabled, AES encryption will be enabled for SMB communication.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Name of the Active Directory domain.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Kdc server IP address for the active directory machine. This optional parameter is used only while creating kerberos volume.
Specifies whether or not the LDAP traffic needs to be secured via TLS.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
LDAP Search scope options Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Specifies whether or not the LDAP traffic needs to be signed.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
The Organizational Unit (OU) within the Windows Active Directory.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Plain text password of Active Directory domain administrator, value is masked in the response.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
| Property | Value |
|---|---|
| Parameter group: | Generic Update Arguments |
The Active Directory site the service will limit Domain Controller discovery to.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
A domain user account with permission to create machine accounts.
| Property | Value |
|---|---|
| Parameter group: | Body.properties.activeDirectories[] Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles account ad wait
Place the CLI in a waiting state until a condition is met.
az netappfiles account ad wait [--account-name --name]
[--created]
[--custom]
[--deleted]
[--exists]
[--ids]
[--interval]
[--resource-group]
[--subscription]
[--timeout]
[--updated]Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the NetApp account.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Wait until created with 'provisioningState' at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the condition satisfies a custom JMESPath query. E.g. provisioningState!='InProgress', instanceView.statuses[?code=='PowerState/running'].
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
Wait until deleted.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Wait until the resource exists.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Polling interval in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 30 |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Maximum wait in seconds.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | 3600 |
Wait until updated with provisioningState at 'Succeeded'.
| Property | Value |
|---|---|
| Parameter group: | Wait Condition Arguments |
| Default value: | False |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
