你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
Add-AzHDInsightSecurityProfile
将安全配置文件添加到群集配置对象。
语法
Add-AzHDInsightSecurityProfile
[-Config] <AzureHDInsightConfig>
-DomainResourceId <String>
-DomainUserCredential <PSCredential>
[-OrganizationalUnitDN <String>]
-LdapsUrls <String[]>
[-ClusterUsersGroupDNs <String[]>]
[-DefaultProfile <IAzureContextContainer>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] 说明
安全配置文件用于创建安全群集,方法是对其进行刻化。 安全配置文件包含与将群集联接到Active Directory 域相关的配置。
示例
示例 1:将安全配置文件添加到群集配置对象
#Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = (Get-AzStorageAccountKey -ResourceGroupName $storageAccountResourceGroupName -Name $storageAccountName)[0].value
$storageContainer = "container001"
# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-001"
$clusterCreds = Get-Credential
# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location
#Security profile info
$domain="sampledomain.onmicrosoft.com"
$domainUser="sample.user@sampledomain.onmicrosoft.com"
$domainPassword=ConvertTo-SecureString "domainPassword" -AsPlainText -Force
$domainUserCredential=New-Object System.Management.Automation.PSCredential($domainUser, $domainPassword)
$organizationalUnitDN="ou=testunitdn"
$ldapsUrls=("ldaps://sampledomain.onmicrosoft.com:636","ldaps://sampledomain.onmicrosoft.com:389")
$clusterUsersGroupDNs=("groupdn1","groupdn2")
# Create the cluster
New-AzHDInsightClusterConfig `
| Add-AzHDInsightSecurityProfile `
-DomainResourceId $domain `
-DomainUserCredential $domainUserCredential `
-OrganizationalUnitDN $organizationalUnitDN `
-LdapsUrls $ldapsUrls `
-ClusterUsersGroupDNs $clusterUsersGroupDNs `
| New-AzHDInsightCluster `
-ClusterType Spark `
-OSType Linux `
-ClusterSizeInNodes 4 `
-ResourceGroupName $clusterResourceGroupName `
-ClusterName $clusterName `
-HttpCredential $clusterCreds `
-Location $location `
-StorageAccountResourceId $storageAccountResourceId `
-StorageAccountKey $storageAccountKey `
-StorageContainer $storageContainer此命令将安全配置文件值添加到名为 your-hadoop-001 的群集。
参数
-ClusterUsersGroupDNs
Ambari 和 Ranger 中可用的 Active Directory 组的可分辨名称
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Config
指定此 cmdlet 修改的 HDInsight 群集配置对象。 此对象由 New-AzHDInsightClusterConfig cmdlet 创建。
| Type: | AzureHDInsightConfig |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
提示你在运行 cmdlet 之前进行确认。
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultProfile
用于与 azure 通信的凭据、帐户、租户和订阅
| Type: | IAzureContextContainer |
| Aliases: | AzContext, AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DomainResourceId
群集的 Active Directory 域资源 ID。
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DomainUserCredential
具有创建群集的足够权限的域用户帐户凭据。 用户名应采用user@domain格式
| Type: | PSCredential |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LdapsUrls
Active Directory 的一个或多个 LDAPS 服务器的 URL
| Type: | String[] |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-OrganizationalUnitDN
将在 Active Directory 中创建用户和计算机帐户的组织单位的可分辨名称
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
输入
输出
反馈
即将发布:在整个 2024 年,我们将逐步淘汰作为内容反馈机制的“GitHub 问题”,并将其取代为新的反馈系统。 有关详细信息,请参阅:https://aka.ms/ContentUserFeedback。
提交和查看相关反馈