Windows 管理中心入门Get Started with Windows Admin Center

适用于:Windows Admin Center、Windows Admin Center 预览版Applies To: Windows Admin Center, Windows Admin Center Preview

提示

不熟悉 Windows Admin Center?New to Windows Admin Center? 了解有关 Windows Admin Center 的更多信息立即下载Learn more about Windows Admin Center or Download now.

Windows 10 上安装的 windows 管理中心Windows Admin Center installed on Windows 10

重要

你必须是本地管理员组的成员才能在 Windows 10 上使用 Windows 管理中心You must be a member of the local administrator's group to use Windows Admin Center on Windows 10

选择客户端证书Selecting a client certificate

首次在 Windows 10 上打开 Windows 管理中心时,请确保选择 Windows 管理中心客户端 证书 (否则,会收到 HTTP 403 错误,指出 "无法访问此页" ) 。The first time you open Windows Admin Center on Windows 10, make sure to select the Windows Admin Center Client certificate (otherwise you'll get an HTTP 403 error saying "can't get to this page").

在 Microsoft Edge 中,当系统提示此对话框时:In Microsoft Edge, when you are prompted with this dialog:

  1. 单击 "更多选项"Click More choices

    选择突出显示更多选项的证书框

  2. 选择标记为 Windows 管理中心客户端 的证书,然后单击 "确定"Select the certificate labeled Windows Admin Center Client and click OK

    选择显示可用证书的证书框

  3. 请确保选择 "始终允许访问",然后单击 "允许"Make sure Always Allow Access is selected and click Allow

    !"需要凭据" 对话框 (。/media/launch-cert-3.png) !Credential required dialog box](../media/launch-cert-3.png)

连接到托管节点和群集Connecting to managed nodes and clusters

在您完成 Windows 管理中心的安装后,您可以从主概述页添加服务器或群集进行管理。After you have completed the installation of Windows Admin Center, you can add servers or clusters to manage from the main overview page.

添加单个服务器或群集作为托管节点Add a single server or a cluster as a managed node

  1. 单击“所有连接”下的“+ 添加”。Click + Add under All Connections.

    Windows Admin Center -“所有连接”页

  2. 选择添加服务器、群集、Windows 电脑或 Azure VM:Choose to add a server, cluster, Windows PC, or an Azure VM:

    Windows 管理中心-"添加资源" 页

  3. 键入要管理的服务器或群集的名称,然后单击 " 提交"。Type the name of the server or cluster to manage and click Submit. 服务器或群集将添加到 "概述" 页上的 "连接" 列表中。The server or cluster will be added to your connection list on the overview page.

    Windows 管理中心-"服务器" 页

    --或---- OR --

大容量导入多台服务器Bulk import multiple servers

  1. 在 " 添加服务器连接 " 页上,选择 " 导入服务器 " 选项卡。On the Add Server Connection page, choose the Import Servers tab.

    Windows 管理中心-"导入服务器" 选项卡

  2. 单击 " 浏览 " 并选择一个文本文件,其中包含要添加的服务器的逗号或换行符的列表。Click Browse and select a text file that contains a comma, or new line separated, list of FQDNs for the servers you want to add.

备注

通过 使用 PowerShell 导出连接 创建的 .csv 文件包含除服务器名称之外的其他信息,与此导入方法不兼容。The .csv file created by exporting your connections with PowerShell contains additional information beyond the server names and is not compatible with this import method.

--或---- OR --

通过搜索来添加服务器 Active DirectoryAdd servers by searching Active Directory

  1. 在 " 添加服务器连接 " 页上,选择 " 搜索 Active Directory " 选项卡。On the Add Server Connection page, choose the Search Active Directory tab.

    Windows 管理中心-搜索 Active Directory 选项卡

  2. 输入搜索条件,然后单击 " 搜索"。Enter your search criteria and click Search. 支持 ( * ) 的通配符。Wildcards (*) are supported.

  3. 搜索完成后-选择一个或多个结果,可以选择添加标记,然后单击 " 添加"。After the search completes - select one or more of the results, optionally add tags, and click Add.

通过托管节点进行身份验证Authenticate with the managed node

Windows 管理中心支持通过多种机制对托管节点进行身份验证。Windows Admin Center supports several mechanisms for authenticating with a managed node. 默认值为单一登录。Single sign-on is the default.

单一登录Single Sign-on

您可以使用您当前的 Windows 凭据对托管节点进行身份验证。You can use your current Windows credentials to authenticate with the managed node. 这是默认设置,Windows 管理中心会在你添加服务器时尝试登录。This is the default, and Windows Admin Center attempts the sign-on when you add a server.

在部署为 Windows Server 上的服务的情况下进行的单一登录Single sign-on when deployed as a Service on Windows Server

如果在 Windows Server 上安装了 Windows 管理中心,则需要进行其他配置才能进行单一登录。If you have installed Windows Admin Center on Windows Server, additional configuration is required for single sign-on. 为委派配置环境Configure your environment for delegation

--或---- OR --

使用 " 管理身份 " 指定凭据Use Manage As to Specify credentials

在 " 所有连接" 下,从列表中选择服务器,然后选择 " 管理 身份" 以指定将用于向托管节点进行身份验证的凭据:Under All Connections, select a server from the list and choose Manage As to specify the credentials that you will use to authenticate to the managed node:

所有连接,"管理方式" 选项

如果 Windows 管理中心正在 Windows Server 上的服务模式下运行,但未配置 Kerberos 委托,则必须重新输入您的 Windows 凭据:If Windows Admin Center is running in service mode on Windows Server, but you do not have Kerberos delegation configured, you must re-enter your Windows credentials:

"指定凭据" 页面

你可以将凭据应用于所有连接,这将为该特定浏览器会话缓存这些凭据。You may apply the credentials to all connections, which will cache them for that specific browser session. 如果重新加载浏览器,则必须重新输入作为凭据的 管理If you reload your browser, you must re-enter your Manage As credentials.

**本地管理员密码解决方案 (LAPS) **Local Administrator Password Solution (LAPS)

如果你的环境使用 LAPS,并且在 WINDOWS 10 电脑上安装了 windows 管理中心,则可以使用 LAPS 凭据通过托管节点进行身份验证。If your environment uses LAPS, and you have Windows Admin Center installed on your Windows 10 PC, you can use LAPS credentials to authenticate with the managed node. 如果使用此方案,请提供反馈If you use this scenario, please provide feedback.

使用标记来组织连接Using tags to organize your connections

您可以使用标记在连接列表中标识和筛选相关服务器。You can use tags to identify and filter related servers in your connection list. 这样,你就可以在 "连接" 列表中查看服务器的子集。This allows you to see a subset of your servers in the connection list. 如果有多个连接,此方法特别有用。This is especially useful if you have many connections.

编辑标记Edit tags

  • 在 "所有连接" 列表中选择一个或多个服务器Select a server or multiple servers in the All Connections list
  • 在 "所有连接" 下,单击 "编辑标记"Under All Connections, click Edit Tags

Windows 管理中心-编辑标记选项

" 编辑连接标记 " 窗格允许您从所选连接中修改、添加或删除标记, () :The Edit Connection Tags pane allows you to modify, add, or remove tags from your selected connection(s):

  • 若要将新标记添加到所选连接 (s) ,请选择 " 添加标记 ",然后输入要使用的标记名称。To add a new tag to your selected connection(s), select Add tag and enter the tag name you would like to use.

  • 若要使用现有标记名称标记所选连接,请选中要应用的标记名称旁的复选框。To tag the selected connections with an existing tag name, check the box next to the tag name you wish to apply.

  • 若要从所有选择的连接中删除标记,请取消选中要删除的标记旁边的复选框。To remove a tag from all selected connections, uncheck the box next to the tag you wish to remove.

  • 如果将标记应用于所选连接的子集,则复选框将显示为中间状态。If a tag is applied to a subset of the selected connections, the check box is shown in an intermediate state. 您可以单击复选框将其选中,并将标记应用于所有选定的连接,或再次单击以取消选中它并从所有选定连接中删除标记。You can click the box to check it and apply the tag to all selected connections, or click again to uncheck it and remove the tag from all selected connections.

Windows 管理中心-"编辑连接标记" 页

按标记筛选连接Filter connections by tag

向一个或多个服务器连接添加标记后,可以查看连接列表中的标记,并按标记筛选连接列表。Once tags have been added to one or more server connections, you can view the tags on the connection list, and filter the connection list by tags.

  • 若要按标记进行筛选,请选择 "搜索" 框旁边的 "筛选器" 图标。To filter by a tag, select the filter icon next to the search box.

    Windows 管理中心-使用 "搜索" 框筛选

    • 您可以选择 "or"、"and" 或 "not" 来修改所选标记的筛选器行为。You can select "or", "and", or "not" to modify the filter behavior of the selected tags.

    Windows 管理中心-"筛选连接" 页

使用 PowerShell 通过标记导入或导出连接Use PowerShell to import or export your connections (with tags)

# Load the module
Import-Module "$env:ProgramFiles\windows admin center\PowerShell\Modules\ConnectionTools"
# Available cmdlets: Export-Connection, Import-Connection

# Export connections (including tags) to a .csv file
Export-Connection "https://wac.contoso.com" -fileName "WAC-connections.csv"
# Import connections (including tags) from a .csv file
Import-Connection "https://wac.contoso.com" -fileName "WAC-connections.csv"
# Import connections (including tags) from .csv files, and remove any connections that are not explicitly in the imported file using the -prune switch parameter 
Import-Connection "https://wac.contoso.com" -fileName "WAC-connections.csv" -prune

用于导入连接的 CSV 文件格式CSV file format for importing connections

CSV 文件的格式以四个标题("name","type","tags","groupId")开头,在随后的每个新行中列出一个连接。The format of the CSV file starts with the four headings "name","type","tags","groupId", followed by each connection on a new line.

name 是连接的 FQDNname is the FQDN of the connection

type 是连接类型。type is the connection type. 对于 Windows Admin Center 中包含的默认连接,我们将使用下述设置之一:For the default connections included with Windows Admin Center, you will use one of the following:

连接类型Connection type 连接字符串Connection string
Windows ServerWindows Server msft.sme.connection-type.servermsft.sme.connection-type.server
Windows 10 电脑Windows 10 PC msft.sme.connection-type.windows-clientmsft.sme.connection-type.windows-client
故障转移群集Failover Cluster msft.sme.connection-type.clustermsft.sme.connection-type.cluster
超融合群集Hyper-Converged Cluster msft.sme.connection-type.hyper-converged-clustermsft.sme.connection-type.hyper-converged-cluster

tags 以竖线分隔。tags are pipe-separated.

groupId 用于共享连接。groupId is used for shared connections. 在此列中使用 global 值即可将其设置为共享连接。Use the value global in this column to make this a shared connection.

备注

仅网关管理员可以修改共享连接 - 任何用户都可以使用 PowerShell 修改其个人的连接列表。Modifying the shared connections is limited to gateway administrators - any user can use PowerShell to modify their personal connection list.

用于导入连接的 CSV 文件示例Example CSV file for importing connections

"name","type","tags","groupId"
"myServer.contoso.com","msft.sme.connection-type.server","hyperv"
"myDesktop.contoso.com","msft.sme.connection-type.windows-client","hyperv"
"teamcluster.contoso.com","msft.sme.connection-type.cluster","legacyCluster|WS2016","global"
"myHCIcluster.contoso.com,"msft.sme.connection-type.hyper-converged-cluster","myHCIcluster|hyperv|JIT|WS2019"
"teamclusterNode.contoso.com","msft.sme.connection-type.server","legacyCluster|WS2016","global"
"myHCIclusterNode.contoso.com","msft.sme.connection-type.server","myHCIcluster|hyperv|JIT|WS2019"

导入 RDCman 连接Import RDCman connections

请使用以下脚本将 RDCman 中保存的连接导出到某个文件。Use the script below to export saved connections in RDCman to a file. 然后,可以将该文件导入 Windows Admin Center,并使用标记保留 RDCMan 分组层次结构。You can then import the file into Windows Admin Center, maintaining your RDCMan grouping hierarchy using tags. 试试吧!Try it out!

  1. 将以下代码复制并粘贴到你的 PowerShell 会话:Copy and paste the code below into your PowerShell session:

    #Helper function for RdgToWacCsv
    function AddServers {
     param (
     [Parameter(Mandatory = $true)]
     [Xml.XmlLinkedNode]
     $node,
     [Parameter()]
     [String[]]
     $tags,
     [Parameter(Mandatory = $true)]
     [String]
     $csvPath
     )
     if ($node.LocalName -eq 'server') {
         $serverName = $node.properties.name
         $tagString = $tags -join "|"
         Add-Content -Path $csvPath -Value ('"'+ $serverName + '","msft.sme.connection-type.server","'+ $tagString +'"')
     } 
     elseif ($node.LocalName -eq 'group' -or $node.LocalName -eq 'file') {
         $groupName = $node.properties.name
         $tags+=$groupName
         $currNode = $node.properties.NextSibling
         while ($currNode) {
             AddServers -node $currNode -tags $tags -csvPath $csvPath
             $currNode = $currNode.NextSibling
         }
     } 
     else {
         # Node type isn't relevant to tagging or adding connections in WAC
     }
     return
    }
    
    <#
    .SYNOPSIS
    Convert an .rdg file from Remote Desktop Connection Manager into a .csv that can be imported into Windows Admin Center, maintaining groups via server tags. This will not modify the existing .rdg file and will create a new .csv file
    
     .DESCRIPTION
     This converts an .rdg file into a .csv that can be imported into Windows Admin Center.
    
     .PARAMETER RDGfilepath
     The path of the .rdg file to be converted. This file will not be modified, only read.
    
     .PARAMETER CSVdirectory
     Optional. The directory you wish to export the new .csv file. If not provided, the new file is created in the same directory as the .rdg file.
    
     .EXAMPLE
     C:\PS> RdgToWacCsv -RDGfilepath "rdcmangroup.rdg"
     #>
    function RdgToWacCsv {
     param(
         [Parameter(Mandatory = $true)]
         [String]
         $RDGfilepath,
         [Parameter(Mandatory = $false)]
         [String]
         $CSVdirectory
     )
     [xml]$RDGfile = Get-Content -Path $RDGfilepath
     $node = $RDGfile.RDCMan.file
     if (!$CSVdirectory){
         $csvPath = [System.IO.Path]::GetDirectoryName($RDGfilepath) + [System.IO.Path]::GetFileNameWithoutExtension($RDGfilepath) + "_WAC.csv"
     } else {
         $csvPath = $CSVdirectory + [System.IO.Path]::GetFileNameWithoutExtension($RDGfilepath) + "_WAC.csv"
     }
     New-item -Path $csvPath
     Add-Content -Path $csvPath -Value '"name","type","tags"'
     AddServers -node $node -csvPath $csvPath
     Write-Host "Converted $RDGfilepath `nOutput: $csvPath"
    }
    
  2. 若要创建 .CSV 文件,请运行以下命令:To create a .CSV file, run the following command:

    RdgToWacCsv -RDGfilepath "path\to\myRDCManfile.rdg"
    
  3. 将生成的 .CSV 文件导入 Windows Admin Center,你的所有 RDCMan 分组层次结构将通过连接列表中的标记来表示。Import the resulting .CSV file in to Windows Admin Center, and all your RDCMan grouping hierarchy will be represented by tags in the connection list. 有关详细信息,请参阅使用 PowerShell 通过标记导入或导出连接For details, see Use PowerShell to import or export your connections (with tags).

查看 Windows 管理中心中使用的 PowerShell 脚本View PowerShell scripts used in Windows Admin Center

连接到服务器、群集或 PC 后,可以查看支持 Windows 管理中心中可用 UI 操作的 PowerShell 脚本。Once you've connected to a server, cluster, or PC, you can look at the PowerShell scripts that power the UI actions available in Windows Admin Center. 从工具中,单击顶部应用程序栏中的 PowerShell 图标。From within a tool, click the PowerShell icon in the top application bar. 从下拉列表中选择一种感兴趣的命令,导航到相应的 PowerShell 脚本。Select a command of interest from the dropdown to navigate to the corresponding PowerShell script.

查看概述页的 PowerShell 脚本