title | author | description | ms.topic | ms.date | ms.author | ms.lastreviewed | ms.reviewer |
---|---|---|---|---|---|---|---|
Install-AksHciAdAuth for AKS hybrid |
sethmanheim |
The Install-AksHciAdAuth PowerShell command installs Active Directory authentication. |
reference |
2/12/2021 |
sethm |
1/14/2022 |
jeguan |
Install Active Directory authentication.
Install-AksHciAdAuth -name <String>
-keytab [.\current.keytab]
[-previousKeytab <String>]
-SPN <String>
-adminUser <String>
[-TTL]
Install-AksHciAdAuth -name <String>
-keytab [.\current.keytab]
[-previousKeytab <String>]
-SPN <String>
-adminGroup <String>
[-TTL]
Install-AksHciAdAuth -name <String>
-keytab [.\current.keytab]
[-previousKeytab <String>]
-SPN <String>
-adminUserSID <String>
[-TTL]
Install-AksHciAdAuth -name <String>
-keytab [.\current.keytab]
[-previousKeytab <String>]
-SPN <String>
-adminGroupSID <String>
[-TTL]
Install Active Directory authentication.
Install-AksHciAdAuth -name mynewcluster1 -keytab <.\current.keytab> -previousKeytab <.\previous.keytab> -SPN <service/principal@CONTOSO.COM> -adminUser CONTOSO\Bob
Install-AksHciAdAuth -name mynewcluster1 -keytab .\current.keytab -SPN k8s/apiserver@CONTOSO.COM -adminUser contoso\bob
Install-AksHciAdAuth -name mynewcluster1 -keytab .\current.keytab -SPN k8
The alphanumeric name of your Kubernetes cluster.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The file path containing the keytab file. Make sure the file is named current.keytab
.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The former keytab that was used before the Active Directory account password was updated. This is required when changing Active Directory passwords.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The name of the service principal associated with the API server AD account.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Username of the admin to be given cluster admin permissions.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The group name to be given cluster admin permissions.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The user SID to be given cluster admin permissions.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
The group SID to be given cluster admin permissions.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Time to live (in hours) for -previousKeytab
if given. Default is 10 hours.
Type: System.Int32
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: 10
Accept pipeline input: False
Accept wildcard characters: False