設定 Azure Sphere 的帳戶Set up an account for Azure Sphere

Azure Sphere 會使用 Azure Active Directory (AAD) 來強制執行企業存取控制。Azure Sphere uses Azure Active Directory (AAD) to enforce enterprise access control. 因此,若要使用 Azure Sphere,您需要一個與 ADD 相關聯的 Microsoft 公司或學校帳戶 (有時稱為組織帳戶)。Therefore, to use Azure Sphere, you need a Microsoft work or school account (sometimes called an organizational account) that is associated with an AAD.

如果您已透過公司或學校使用 Microsoft Azure 資源,或如果您或您的雇主/學校已訂閱其他 Microsoft 線上服務 (例如,商務用 Office 365、商務用 OneDrive 或 InTune),則您可能已具有可使用 Azure Sphere 的帳戶和目錄。If you already use Microsoft Azure through work or school, or if you or your employer/school subscribes to any other Microsoft Online services (for example, Office 365 for Business, OneDrive for Business, or InTune), you probably have an account and directory that you can use with Azure Sphere. 與 Office 365 家用版訂用帳戶、個人 OneDrive 帳戶或 outlook.com 電子郵件地址相關聯的個人帳戶 (也稱為 MSA) 不會提供所需的 AAD。A personal account (also called an MSA), such as an account that is associated with an Office 365 Home subscription, a personal OneDrive account, or an outlook.com email address, does not provide the necessary AAD.

Azure Sphere 帳戶

在圖中,Contoso Corp. 有 AAD,所以 Contoso 使用者可以使用他們的 Contoso 公司帳戶登入並使用 Azure Sphere。In the figure, Contoso Corp. has an AAD, so Contoso users can sign in to use Azure Sphere with their Contoso work accounts. 當此登入通過 Azure 的驗證之後,Contoso 使用者即可建立「Azure Sphere 租用戶」 (如果 Contoso 中還沒有的話)。After Azure authenticates the sign-in, the Contoso user can create an Azure Sphere tenant if Contoso does not already have one. Azure Sphere 租用戶會將 Contoso 的 Azure Sphere 裝置與其他所有 Azure Sphere 客戶的裝置分開,並讓 Contoso 人員來管理裝置。The Azure Sphere tenant isolates Contoso's Azure Sphere devices from those of all other Azure Sphere customers and enables Contoso personnel to manage them. Azure Sphere 租用戶只限用於 Azure Sphere;與 Azure AD 租用戶不一樣。The Azure Sphere tenant is strictly used for Azure Sphere; it is not the same as an Azure AD tenant.

提示

如需 Azure 目錄、帳戶、租用戶和身分識別的說明,請參閱什麼是 Azure Active DirectoryFor help with Azure directories, accounts, tenants, and identities, see the What is Azure Active Directory.

了解您的現有帳戶是否適用於 Azure SphereFind out whether your existing account works with Azure Sphere

若要了解您是否擁有帳戶,請開啟 Azure Sphere 開發人員命令提示字元 (位於 [Azure Sphere] 下方的 [開始] 功能表),並使用您的公司或學校帳戶登入 Azure Sphere:To find out whether you have an account, open an Azure Sphere Developer Command prompt (on the Start menu under Azure Sphere) and sign in to Azure Sphere with your work or school account:

azsphere login

在回應中,azsphere 會提示您選擇帳戶。In response, azsphere prompts you to pick an account. 選擇您的公司/學校帳戶,並視需要輸入密碼。Choose your work/school account and type your password if required. 如果您看到一個對話方塊,其要求系統管理員授與使用 Azure Sphere 公用程式的權限,您必須以系統管理員身分登入或取得系統管理員核准If you see a dialog box requesting that an admin grant permission to use the Azure Sphere Utility, you'll need to log in as an administrator or obtain admin approval.

如果登入成功,便代表您可以搭配 Azure Sphere 使用此帳戶;請繼續進行後續步驟If login succeeds, you can use this account with Azure Sphere; proceed to Next steps.

如果登入失敗,表示此帳戶未與 AAD 帳戶建立關聯。If login fails, the account is not associated with an AAD. 請嘗試使用另一個帳戶;如果沒有另一個帳戶,您可以建立新的帳戶。If you have another account, try it; if not, you can create a new account. 選擇適合您情況的選項:Choose the option that describes your situation:

建立未與任何其他帳戶相關聯的新帳戶和目錄Create a new account and directory that are not associated with any other account

如果您沒有可用於 Azure Sphere 的公司或學校帳戶,而且也沒有 Microsoft 或 Azure 的任何其他帳戶,您可以建立具有新公司/學校帳戶的新目錄。If you don't have a work or school account that you want to use with Azure Sphere, and you have no other account with Microsoft or Azure, you can create a new directory that has a new work/school account. (Azure 文件會將此目錄視為 Azure AD 租用戶;我們稱其為「目錄」,以便與 Azure Sphere 租用戶有所區分)。(The Azure documentation refers to this directory as an Azure AD tenant; we call it a "directory" to distinguish it from the Azure Sphere tenant.)

若要建立具有公司/學校帳戶的新目錄,請造訪 Microsoft Azure 快速入門頁面To create a new directory that has a work/school account, visit the Microsoft Azure Get started page.

填入所需資訊,然後建立一個網域名稱、使用者識別碼和密碼。Fill in the requested information and create a domain name, a user ID, and a password. 提供驗證資訊所需的必要詳細資料。Provide the details necessary to verify your information. 當您按一下 [繼續] 時,系統會提示您註冊與目錄相關聯的 Azure 訂用帳戶。When you click Continue, you will be prompted to sign up for an Azure subscription that is associated with the directory. 如果您不想要註冊 Azure 訂用帳戶,可以離開 Web 網頁。If you don't want to sign up for an Azure subscription, you can leave the web page.

重要

Azure 訂用帳戶不是使用 Azure Sphere 的必要項目,但若要使用 Azure IoT 中樞或 Azure IoT Central,則需要訂用帳戶。An Azure subscription is not required to use Azure Sphere; however, a subscription is required to use Azure IoT Hub or Azure IoT Central. 雖然您可以免費建立 Azure 訂用帳戶,但註冊程序會要求您輸入信用卡號碼。Although you can create an Azure subscription for no charge, the sign-up process requires you to enter a credit card number. Azure 提供數個層級的訂用帳戶服務。Azure provides several levels of subscription service. 免費層包含搭配使用裝置與 IoT 中樞所需的服務。The Free tier includes the services required to use your device with an IoT Hub.

如果您打算使用 Azure IoT 中樞,請依照指示來建立 Azure 訂用帳戶。If you plan to use an Azure IoT Hub, follow the instructions to create an Azure subscription. 如果出現提示,請登入您新建立目錄:userID@domainname.onmicrosoft.com。If prompted, sign into your newly created directory as userID@domainname.onmicrosoft.com. 然後遵循提示來註冊免費的 Azure 訂用帳戶。Then follow the prompts to sign up for a free Azure subscription. 您必須輸入僅用於驗證的信用卡詳細資料。You will need to enter credit card details for verification only.

建立公司/學校帳戶,並與用於 Azure 的個人/MSA 帳戶相關聯Create a work/school account that is associated with the personal/MSA account that you use with Azure

如果您有用於 Azure 的個人/MSA 帳戶,您可以建立相關聯的使用者身分識別和目錄,以搭配 Azure Sphere 使用。If you have a personal/MSA account that you use with Azure, you can create an associated user identity and directory to use with Azure Sphere.

  1. 使用您現有的個人/MSA 帳戶,登入 Azure 入口網站Log in to the Azure portal using your existing personal/MSA account.

  2. 在目錄中建立使用者。Create a user in the directory. 在 Azure 入口網站中,按一下左側功能表上的 [Azure Active Directory],以及其右側窗格上的 [使用者]。In the Azure Portal, click Azure Active Directory on the left side menu and Users on the pane to its right.

    醒目提示 Azure Active Directory 的 Azure 入口網站功能表

  3. 按一下 [使用者] 窗格頂端的 [+ 新增使用者] ,然後填入資訊來建立新使用者。Click +New User at the top of the Users pane and then fill in the information to create a new user. 指定 username@directoryname.onmicrosoft.com 作為登入名稱,並設定使用者的角色。Specify the username@directoryname.onmicrosoft.com as the login and set the role for the user. 如果這位使用者將會管理您 Azure Sphere 應用程式和裝置的存取,請選取 [全域管理員] 角色。If this user will manage access to your Azure Sphere applications and devices, select the Global Administrator role. 選取 [顯示密碼] 以顯示自動產生的密碼,您可以記下此密碼以便未來使用,然後按一下 [建立]。Select Show Password to display the auto-generated password so that you can note it for future use, and then click Create. 這是您將用來登入 Azure Sphere 的帳戶。This is the account you'll use to log in to Azure Sphere.

    重要

    請記下自動產生的密碼和使用者名稱。Record the auto-generated password and the user name. 您需要使用這兩個項目來登入,才能使用 Azure Sphere 裝置。You will need them both to log in so that you can use your Azure Sphere device.

    新增使用者對話方塊

後續步驟Next steps