从 Azure Stack Hub 中清除门户用户数据Clear portal user data from Azure Stack Hub
Azure Stack Hub 操作员可以根据 Azure Stack Hub 用户的请求,按需清除门户用户数据。Azure Stack Hub operators can clear portal user data on demand when Azure Stack Hub users request it. Azure Stack Hub 用户可以通过固定磁贴和更改仪表板布局来自定义门户。As an Azure Stack Hub user, the portal can be customized by pinning tiles and changing the dashboard layout. 用户还可以根据个人喜好更改主题和调整默认语言。Users can also change the theme and adjust the default language to match personal preferences.
门户用户数据包括 Azure Stack Hub 用户门户中的收藏夹和最近访问的资源。Portal user data includes favorites and recently accessed resources in the Azure Stack Hub user portal. 本文介绍如何清除门户用户数据。This article describes how to clear the portal user data.
只有在删除用户订阅之后,才能删除门户用户设置。Removing portal user settings should only be done after the user subscription has been deleted.
备注
在遵循本文中的指导之后,某些用户数据可能仍会出现在事件日志的 system 节中。Some user data can still exist in the system section of event logs after following the guidance in this article. 在日志自动滚动更新之前,这些数据可能会保留数天。This data can remain for several days until the logs automatically roll over.
要求Requirements
- 安装适用于 Azure Stack Hub 的 PowerShell。Install PowerShell for Azure Stack Hub.
- 从 GitHub 下载最新的 Azure Stack Hub 工具。Download the latest Azure Stack Hub tools from GitHub.
- 用户帐户必须仍存在于目录中。The user account must still exist in the directory.
- 用于访问管理员资源管理器终结点的 Azure Stack Hub 管理员凭据。Azure Stack Hub admin credentials to access the admin Resource Manager endpoint.
备注
如果你尝试从来宾目录(多租户)中删除受邀用户的门户用户信息,必须在该目录中拥有读取权限。If you attempt to delete portal user information from a user that was invited from a guest directory (multi-tenancy), you must have read permission in that directory. 有关详细信息,请参阅本文稍后的 CSP 方案。For more information, see the CSP scenario later in this article.
使用用户主体名称清除门户用户数据Clear portal user data using a user principal name
此方案假设默认提供程序订阅和用户属于同一目录,或者你对用户所在的目录拥有读取访问权限。This scenario assumes that either the default provider subscription and the user are part of the same directory, or that you have read access to the directory in which the user resides.
在继续之前,请务必从 GitHub 下载最新版本的 Azure Stack Hub 工具。Make sure to download the latest version of the Azure Stack Hub tools from GitHub before you proceed.
对于此过程,请使用能够与 Azure Stack Hub 的管理员资源管理器终结点通信的计算机。For this procedure, use a computer that can communicate with the admin Resource Manager endpoint of Azure Stack Hub.
打开提升了权限的 Windows PowerShell 会话 (以管理员身份运行) ,中转到 Test-azurestack- az 目录中的根文件夹,然后导入所需的 PowerShell 模块:Open an elevated Windows PowerShell session (run as administrator), go to the root folder in the AzureStack-Tools-az directory, and import the required PowerShell module:
Import-Module .\DatacenterIntegration\Portal\PortalUserDataUtilities.psm1运行以下命令。Run the following commands. 请务必将占位符替换为与环境匹配的值:Make sure to substitute the placeholders with values that match your environment:
## The following Azure Resource Manager endpoint is for the ASDK. If you are in a multinode environment, contact your operator or service provider to get the endpoint. $adminARMEndpoint = "https://adminmanagement.local.azurestack.external" ## Replace the following value with the Azure Stack Hub directory tenant ID. $azureStackDirectoryTenantId = "f5025bf2-547f-4b49-9693-6420c1d5e4ca" ## Replace the following value with the user directory tenant ID. $userDirectoryTenantId = " 7ddf3648-9671-47fd-b63d-eecd82ed040e" ## Replace the following value with name of the user principal whose portal user data is to be cleared. $userPrincipalName = "myaccount@contoso.onmicrosoft.com" Clear-AzsUserDataWithUserPrincipalName -AzsAdminArmEndpoint $adminARMEndpoint ` -AzsAdminDirectoryTenantId $azureStackDirectoryTenantId ` -UserPrincipalName $userPrincipalName ` -DirectoryTenantId $userDirectoryTenantId备注
azureStackDirectoryTenantId是可选项。azureStackDirectoryTenantIdis optional. 如果未指定此值,脚本将在 Azure Stack Hub 中已注册的所有租户目录中搜索用户主体名称,然后清除所有匹配用户的门户数据。If you don't specify this value, the script searches for the user principal name in all tenant directories registered in Azure Stack Hub and then clears the portal data for all matched users.
在来宾目录中清除门户用户数据Clear portal user data in guest directory
在此方案中,Azure Stack Hub 操作员对用户所在的来宾目录没有访问权限。In this scenario, the Azure Stack Hub operator has no access to the guest directory in which the user resides. 如果你是云解决方案提供商 (CSP),这是一种常见方案。This is a common scenario when you're a Cloud Solution Provider (CSP).
要使 Azure Stack Hub 操作员能够删除门户用户数据,至少需要获取用户对象 ID。For an Azure Stack Hub operator to remove the portal user data, at a minimum the user object ID is required.
用户必须查询该对象 ID,并将其提供给 Azure Stack Hub 操作员。The user must query the object ID and provide it to the Azure Stack Hub operator. 操作员对用户所在的目录没有访问权限。The operator doesn't have access to the directory in which the user resides.
用户检索用户对象 IDUser retrieves the user object ID
打开提升了权限的 Windows PowerShell 会话 (以管理员身份运行) ,中转到 Test-azurestack- az 目录中的根文件夹,然后导入必要的 PowerShell 模块。Open an elevated Windows PowerShell session (run as administrator), go to the root folder in the AzureStack-Tools-az directory, and then import the necessary PowerShell module.
Import-Module .\DatacenterIntegration\Portal\PortalUserDataUtilities.psm1运行以下命令。Run the following commands. 请务必将占位符替换为与环境匹配的值。Make sure to substitute the placeholders with values that match your environment.
## The following Azure Resource Manager endpoint is for the ASDK. If you are in a multinode environment, contact your operator or service provider to get the endpoint. $userARMEndpoint = "https://management.local.azurestack.external" ## Replace the following value with the directory tenant ID, which contains the user account. $userDirectoryTenantId = "3160cbf5-c227-49dd-8654-86e924c0b72f" ## Replace the following value with the name of the user principal whose portal user data is to be cleared. $userPrincipleName = "myaccount@contoso.onmicrosoft.com" Get-UserObjectId -DirectoryTenantId $userDirectoryTenantId ` -AzsArmEndpoint $userARMEndpoint ` -UserPricinpalName $userPrincipleName备注
用户必须将用户对象 ID(上一脚本的输出)提供给 Azure Stack Hub 操作员。As a user, you must provide the user object ID, which is the output of the previous script, to the Azure Stack Hub operator.
Azure Stack Hub 操作员删除门户用户数据Azure Stack Hub operator removes the portal user data
以 Azure Stack Hub 操作员的身份收到用户对象 ID 后,运行以下命令删除门户用户数据:After receiving the user object ID as an Azure Stack Hub operator, run the following commands to remove the portal user data:
打开提升了权限的 Windows PowerShell 会话 (以管理员身份运行) ,中转到 Test-azurestack- az 目录中的根文件夹,然后导入必要的 PowerShell 模块。Open an elevated Windows PowerShell session (run as administrator), go to the root folder in the AzureStack-Tools-az directory, and then import the necessary PowerShell module.
Import-Module .\DatacenterIntegration\Portal\PortalUserDataUtilities.psm1运行以下命令(请务必根据环境调整参数):Run the following commands, making sure you adjust the parameter to match your environment:
## The following Azure Resource Manager endpoint is for the ASDK. If you are in a multinode environment, contact your operator or service provider to get the endpoint. $AzsAdminARMEndpoint = "https://adminmanagement.local.azurestack.external" ## Replace the following value with the Azure Stack Hub directory tenant ID. $AzsAdminDirectoryTenantId = "f5025bf2-547f-4b49-9693-6420c1d5e4ca" ## Replace the following value with the directory tenant ID of the user to clear. $DirectoryTenantId = "3160cbf5-c227-49dd-8654-86e924c0b72f" ## Replace the following value with the name of the user principal whose portal user data is to be cleared. $userObjectID = "s-1-*******" Clear-AzsUserDataWithUserObject -AzsAdminArmEndpoint $AzsAdminARMEndpoint ` -AzsAdminDirectoryTenantId $AzsAdminDirectoryTenantId ` -DirectoryTenantID $DirectoryTenantId ` -UserObjectID $userObjectID `
后续步骤Next steps
- 将 Azure Stack Hub 注册到 Azure,并使用提供给用户的项填充 Azure Stack Hub 市场。Register Azure Stack Hub with Azure and populate the Azure Stack Hub Marketplace with items to offer your users.