編輯

共用方式為


Set-AzSqlServerActiveDirectoryAdministrator

Provisions a Microsoft Entra administrator for SQL Server.

Syntax

Set-AzSqlServerActiveDirectoryAdministrator
   [-DisplayName] <String>
   [[-ObjectId] <Guid>]
   [-ServerName] <String>
   [-ResourceGroupName] <String>
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The Set-AzSqlServerActiveDirectoryAdministrator cmdlet provisions a Microsoft Entra administrator for AzureSQL Server in the current subscription. You can provision only one administrator at a time. The following members of Microsoft Entra ID can be provisioned as a SQL Server administrator:

  • Native members of Microsoft Entra ID
  • Federated members of Microsoft Entra ID
  • Imported members from other Azure ADs who are native or federated members
  • Microsoft Entra groups created as security groups Microsoft accounts, such as those in the Outlook.com, Hotmail.com, or Live.com domains, are not supported as administrators. Other guest accounts, such as those in the Gmail.com or Yahoo.com domains, are not supported as administrators. We recommend that you provision a dedicated Microsoft Entra group as an administrator.

Examples

Example 1: Provision an administrator group for a server

Set-AzSqlServerActiveDirectoryAdministrator -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DisplayName "DBAs"

ResourceGroupName ServerName DisplayName ObjectId IsAzureADOnlyAuthentication
----------------- ---------- ----------- -------- ---------------------------
ResourceGroup01   Server01   DBAs        40b79501-b343-44ed-9ce7-da4c8cc7353b False

This command provisions a Microsoft Entra administrator group named DBAs for the server named Server01. This server is associated with resource group ResourceGroup01.

Example 2: Provision an administrator user for a server

Set-AzSqlServerActiveDirectoryAdministrator -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DisplayName "David Chew"

ResourceGroupName ServerName DisplayName ObjectId IsAzureADOnlyAuthentication
----------------- ---------- ----------- -------- 
resourcegroup01   server01   David Chew  11E95548-B179-4FE1-9AF4-ACA49D13ABB9 False

This command provisions a Microsoft Entra user as an administrator for the server named Server01.

Example 3: Provision an administrator group by specifying its ID

Set-AzSqlServerActiveDirectoryAdministrator -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DisplayName "DBAs" -ObjectId "40b79501-b343-44ed-9ce7-da4c8cc7353b"

ResourceGroupName ServerName DisplayName ObjectId IsAzureADOnlyAuthentication 
----------------- ---------- ----------- -------- 
ResourceGroup01   Server01   DBAs        40b79501-b343-44ed-9ce7-da4c8cc7353b False

This command provisions a Microsoft Entra administrator group named DBAs for the server named Server01. The command specifies an ID for the ObjectId parameter. This makes sure that the command succeeds even if the display name of the group is not unique.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DisplayName

Specifies the display name of the Microsoft Entra administrator that this cmdlet provisions.

Type:String
Position:2
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ObjectId

Specifies the unique ID of the Microsoft Entra administrator that this cmdlet provisions. If the display name is not unique, you must specify a value for this parameter.

Type:Guid
Position:3
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

Specifies the name of the resource group to which the server is assigned.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-ServerName

Specifies the name of the SQL Server for which this cmdlet provisions an administrator.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

Guid

Outputs

AzureSqlServerActiveDirectoryAdministratorModel