az arcdata ad-connector
Note
This reference is part of the arcdata extension for the Azure CLI (version 2.3.1 or higher). The extension will automatically install the first time you run an az arcdata ad-connector command. Learn more about extensions.
Manage Active Directory authentication for Azure Arc data services.
Commands
| Name | Description | Type | Status | 
|---|---|---|---|
| az arcdata ad-connector create | Create a new Active Directory connector. | Extension | GA | 
| az arcdata ad-connector delete | Delete an existing Active Directory connector. | Extension | GA | 
| az arcdata ad-connector list | List all Active Directory connectors. | Extension | GA | 
| az arcdata ad-connector show | Get the details of an existing Active Directory connector. | Extension | GA | 
| az arcdata ad-connector update | Update the settings of an existing Active Directory connector. | Extension | GA | 
az arcdata ad-connector create
Create a new Active Directory connector.
az arcdata ad-connector create --account-provisioning
                               --name
                               --nameserver-addresses
                               --realm
                               [--data-controller-name]
                               [--dns-domain-name]
                               [--dns-replicas]
                               [--domain-service-account-secret]
                               [--k8s-namespace]
                               [--netbios-domain-name]
                               [--no-wait]
                               [--ou-distinguished-name]
                               [--prefer-k8s-dns]
                               [--primary-ad-dc-hostname]
                               [--resource-group]
                               [--secondary-ad-dc-hostnames]
                               [--use-k8s]Examples
Ex 1 - Deploy a new Active Directory connector using the Kubernetes API.
az arcdata ad-connector create --name arcadc  --k8s-namespace arc  --realm CONTOSO.LOCAL  --account-provisioning manual --primary-ad-dc-hostname azdc01.contoso.local  --secondary-ad-dc-hostnames "azdc02.contoso.local, azdc03.contoso.local"  --netbios-domain-name CONTOSO  --dns-domain-name contoso.local  --nameserver-addresses 10.10.10.11,10.10.10.12,10.10.10.13  --dns-replicas 2  --prefer-k8s-dns false  --use-k8sEx 2 - Deploy a new Active Directory connector through Azure Resource Manager (ARM).
az arcdata ad-connector create  --name arcadc --resource-group rg-name --data-controller-name dc-name --realm CONTOSO.LOCAL  --account-provisioning manual --primary-ad-dc-hostname azdc01.contoso.local  --secondary-ad-dc-hostnames "azdc02.contoso.local, azdc03.contoso.local"  --netbios-domain-name CONTOSO  --dns-domain-name contoso.local  --nameserver-addresses 10.10.10.11,10.10.10.12,10.10.10.13  --dns-replicas 2  --prefer-k8s-dns falseRequired Parameters
Value indicating whether service account provisioning for data services should be automatic or manual. Allowed values are: 'manual' or 'automatic'.
The name of the Active Directory connector.
List of Active Directory DNS server IP addresses separated by ',' (e.g. 10.10.10.11,10.10.10.12,10.10.10.13).
The name of the Active Directory domain in uppercase (e.g CONTOSO.LOCAL).
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
The DNS domain name (e.g. contoso.com).
The number of copies for DNS proxy service.
| Property | Value | 
|---|---|
| Default value: | 1 | 
The name of the Kubernetes secret containing the credentials for the pre-created Active Directory account with permissions to create and manage accounts in the given OU. Alternatively, setting the 'DOMAIN_SERVICE_ACCOUNT_USERNAME' and 'DOMAIN_SERVICE_ACCOUNT_PASSWORD' env variables will create this secret automatically.
The Kubernetes namespace to deploy the Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
The NETBIOS name of the Active Directory domain (e.g. CONTOSO).
Do not wait for the long-running operation to finish.
| Property | Value | 
|---|---|
| Default value: | False | 
The distinguished name of the pre-created Organizational Unit (OU) in the Active Directory domain. (e.g. OU=arcou,DC=contoso,DC=com).
Use Kubernetes DNS Server responses over the Active Directory DNS server responses for IP address lookup. Allowed values are 'true' or 'false'.
| Property | Value | 
|---|---|
| Default value: | true | 
The hostname of the primary AD domain controller.
The Azure resource group of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
List of the hostnames of the secondary Active Directory domain controller separated by ','(e.g. azdc02.contoso.local,azdc03.contoso.local).
Use local Kubernetes APIs to perform this action.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value | 
|---|---|
| Default value: | False | 
Output format.
| Property | Value | 
|---|---|
| Default value: | json | 
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc | 
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
az arcdata ad-connector delete
Delete an existing Active Directory connector.
az arcdata ad-connector delete --name
                               [--data-controller-name]
                               [--k8s-namespace]
                               [--no-wait]
                               [--resource-group]
                               [--use-k8s]Examples
Ex 1 - Delete an existing Active Directory connector using the Kubernetes API.
az arcdata ad-connector delete --name arcadc --k8s-namespace arc  --use-k8sEx 2 - Delete an existing Active Directory connector through Azure Resource Manager (ARM).
az arcdata ad-connector delete --name arcadc --resource-group rg-name  --data-controller-name dc-nameRequired Parameters
The name of the Active Directory connector.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
The Kubernetes namespace containing the Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
Do not wait for the long-running operation to finish.
| Property | Value | 
|---|---|
| Default value: | False | 
The Azure resource group of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
Use local Kubernetes APIs to perform this action.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value | 
|---|---|
| Default value: | False | 
Output format.
| Property | Value | 
|---|---|
| Default value: | json | 
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc | 
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
az arcdata ad-connector list
List all Active Directory connectors.
az arcdata ad-connector list [--data-controller-name]
                             [--k8s-namespace]
                             [--resource-group]
                             [--use-k8s]Examples
Ex 1 - List all Active Directory connectors in a given Kubernetes namespace using the Kubernetes API.
az arcdata ad-connector list --k8s-namespace arc --use-k8sEx 2 - List all Active Directory connectors associated with a given Arc data controller by querying Azure Resource Manager (ARM).
az arcdata ad-connector list --resource-group rg-name --data-controller-name dc-nameOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the Arc data controller associated with the Active Directory connectors.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
The Kubernetes namespace containing the Active Directory connectors.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
The Azure resource group containing the Active Directory connectors.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
Use local Kubernetes APIs to perform this action.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value | 
|---|---|
| Default value: | False | 
Output format.
| Property | Value | 
|---|---|
| Default value: | json | 
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc | 
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
az arcdata ad-connector show
Get the details of an existing Active Directory connector.
az arcdata ad-connector show --name
                             [--data-controller-name]
                             [--k8s-namespace]
                             [--resource-group]
                             [--use-k8s]Examples
Ex 1 - Get an existing Active Directory connector using the Kubernetes API.
az arcdata ad-connector show --name arcadc --k8s-namespace arc --use-k8sEx 2 - Get an existing Active Directory connector by querying Azure Resource Manager (ARM).
az arcdata ad-connector show --name arcadc --resource-group rg-name --data-controller-name dc-nameRequired Parameters
The name of the Active Directory connector.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
The Kubernetes namespace containing the Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
The Azure resource group of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
Use local Kubernetes APIs to perform this action.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value | 
|---|---|
| Default value: | False | 
Output format.
| Property | Value | 
|---|---|
| Default value: | json | 
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc | 
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
az arcdata ad-connector update
Update the settings of an existing Active Directory connector.
az arcdata ad-connector update --name
                               [--data-controller-name]
                               [--dns-replicas]
                               [--domain-service-account-secret]
                               [--k8s-namespace]
                               [--nameserver-addresses]
                               [--no-wait]
                               [--prefer-k8s-dns]
                               [--primary-ad-dc-hostname]
                               [--resource-group]
                               [--secondary-ad-dc-hostnames]
                               [--use-k8s]Examples
Ex 1 - Update an existing Active Directory connector using the Kubernetes API.
az arcdata ad-connector update --name arcadc  --k8s-namespace arc  --primary-ad-dc-hostname azdc01.contoso.local --secondary-ad-dc-hostname "azdc02.contoso.local, azdc03.contoso.local"  --nameserver-addresses 10.10.10.11,10.10.10.12,10.10.10.13 --dns-replicas 2  --prefer-k8s-dns false  --use-k8sEx 2 - Update an existing Active Directory connector through Azure Resource Manager (ARM).
az arcdata ad-connector update --name arcadc --resource-group rg-name --data-controller-name dc-name --primary-ad-dc-hostname azdc01.contoso.local --secondary-ad-dc-hostname "azdc02.contoso.local, azdc03.contoso.local" --nameserver-addresses 10.10.10.11,10.10.10.12,10.10.10.13 --dns-replicas 2 --prefer-k8s-dns falseRequired Parameters
The name of the Active Directory connector.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
The number of copies for DNS proxy service.
The name of the Kubernetes secret containing the credentials for the pre-created Active Directory account with permissions to create and manage accounts in the given OU.
The Kubernetes namespace containing Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
List of Active Directory DNS server IP addresses separated by ',' (e.g. 10.10.10.11,10.10.10.12,10.10.10.13).
Do not wait for the long-running operation to finish.
| Property | Value | 
|---|---|
| Default value: | False | 
Use Kubernetes DNS Server responses over the Active Directory DNS server responses for IP address lookup. Allowed values are 'true' or 'false'.
The hostname of the primary AD domain controller.
The Azure resource group of the Arc data controller associated with this Active Directory connector.
| Property | Value | 
|---|---|
| Parameter group: | Azure Resource Manager – targeted Arguments | 
List of the hostnames of the secondary Active Directory domain controller separated by ','(e.g. azdc02.contoso.local,azdc03.contoso.local).
Use local Kubernetes APIs to perform this action.
| Property | Value | 
|---|---|
| Parameter group: | Kubernetes API – targeted Arguments | 
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value | 
|---|---|
| Default value: | False | 
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value | 
|---|---|
| Default value: | False | 
Output format.
| Property | Value | 
|---|---|
| Default value: | json | 
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc | 
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value | 
|---|---|
| Default value: | False |