Join a domain and add users 编辑
Before you can assign a user or group account an RBAC role, you must add the account to Citrix Hypervisor through RBAC. This process consists of the following tasks:
Join the pool or server to the domain. The domain can be one of the following:
- The domain that the user or group belongs to
- A domain that is in the same Active Directory forest
- A domain that has a trust relationship with the user’s domain
Add the user’s Active Directory account or group to Citrix Hypervisor.
After you add the user’s Active Directory account or group to Citrix Hypervisor, the user is assigned a fixed role of Pool Admin. In Citrix Hypervisor Premium Edition, you must assign a role to the user or group manually. For more information, see Assign roles to users and groups.
To change domains, leave the current domain and then join the new domain.
To join the Citrix Hypervisor or pool to a domain
- In the Resources Pane, select the pool or server for which you want to grant somebody permissions.
- Select the Users tab.
- Select Join Domain.
- Enter Active Directory credentials with sufficient privileges to add servers to the domain you want to join. The domain to be joined must be specified as a fully qualified domain name (FQDN) rather than a NetBIOS name. For example, enter
your_domain.net
instead ofyour_domain
.
To add an Active Directory user or group to a pool
- After joining the user’s domain, in the Users tab, click Add.
- In the Add Users dialog box, enter one or more user or group names. Separate multiple names by commas. To specify a user in a different trusted domain (other than the one currently joined), supply the domain name with the user name. For example, specify
other_domain\jsmith
. Alternatively, you can enter a fully qualified domain name (FQDN). For example, specifyjsmith@other_domain.com
. - Select Grant Access.
- Follow Assign roles to users and groups to assign the account a role and grant access.
To leave the domain
Note:
When you leave the domain, any users who authenticated to the pool or server with Active Directory credentials are disconnected.
- In the Resources Pane, select the pool or server that you want to disconnect from its Active Directory domain.
- Select Leave Domain and select Yes to continue.
- Enter Active Directory credentials with sufficient privileges to disable servers in the domain you want to leave.
- Decide whether to disable the computer accounts in the Active Directory server, and then click one of the following:
- Disable. Removes the pool or server from the domain and disables the computer account for the server or pool coordinator in the Active Directory database.
- Ignore. If you didn’t fill the username/password or know an account with sufficient privileges, select this option to remove the server or pool coordinator’s computer account from the Active Directory database. This option removes the pool or server from the domain, but leaves the computer account for the server or pool coordinator in the Active Directory.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论