New-NfsMappedIdentity
New-NfsMappedIdentity
Creates a new NFS mapped identity.
구문
Parameter Set: User
New-NfsMappedIdentity -GroupIdentifier <Int32> -UserIdentifier <Int32> -UserName <String> [-LdapNamingContext <String> ] [-MappingStore <MappingStoreType> ] [-Password <SecureString> ] [-PrimaryGroup <String> ] [-Server <String> ] [-SupplementaryGroups <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Parameter Set: Group
New-NfsMappedIdentity -GroupIdentifier <Int32> -GroupName <String> [-LdapNamingContext <String> ] [-MappingStore <MappingStoreType> ] [-Password <SecureString> ] [-Server <String> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
자세한 설명
The New-NfsMappedIdentity cmdlet creates a new Network File System (NFS) mapped identity between a UNIX user account or group account and a Windows user account or group account. If a specified user account or group account does not exist, the New-NfsMappedIdentity cmdlet can create the account, set its user ID (UID) and group ID (GID) attributes, and update user membership in the group.
A mapped identity associates a Windows user account or group account to a UNIX user account or group account. A UID or GID identifies a UNIX account namespace. These elements are associated with the corresponding elements of a Windows account namespace: a user name or a group name. By using a mapped identity, a user who is logged on to a UNIX domain can access shared resources in a Windows domain without having to log on to the Windows domain.
For more information about NFS, see Network File System. For more information about NFS account mapping, see NFS Account Mapping Guide and Identity Management for UNIX.
매개 변수
-GroupIdentifier<Int32>
Specifies a group identifier of a user or group account.
별칭 |
GroupId,gid |
필수 여부 |
true |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-GroupName<String>
Specifies a SAMAcccount name of a group account.
별칭 |
group |
필수 여부 |
true |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-LdapNamingContext<String>
Specifies the Lightweight Directory Access Protocol (LDAP) naming context (directory partition) of the identity mapping store that NFS uses. You can use this parameter to search for mapped identities in the specified naming context.
별칭 |
dn |
필수 여부 |
false |
위치 |
named |
기본값 |
DefaultNamingContext |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-MappingStore<MappingStoreType>
Specifies the type of identity mapping store in which the New-NfsMappedIdentity cmdlet creates a mapped identity. When the MappingStore is not specified, the New-NfsMappedIdentity cmdlet gets the store configuration settings from an NFS server. Valid values are AD and LDAP.
별칭 |
store |
필수 여부 |
false |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-Password<SecureString>
Specifies a password for a user account that the New-NfsMappedIdentity cmdlet creates. If no password is specified, the cmdlet disables the new user account until a password is set.
별칭 |
없음 |
필수 여부 |
false |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-PrimaryGroup<String>
Specifies the name of the group account that the cmdlet creates if no existing group account has the specified group identifier. In this case, the GroupIdentifier parameter assigns a GID to the group account.
별칭 |
없음 |
필수 여부 |
false |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-Server<String>
Specifies the LDAP instance name of the store that an NFS server uses. This can be a domain name, Active Directory Lightweight Directory Services (AD LDS) server name, or LDAP server name. When this parameter is not specified, the cmdlet tries to connect to either the LDAP store on the local computer at port 389 when MappingStore is LDAP, or the Active Directory domain of the computer when MappingStore is Active Directory.
별칭 |
LdapServer,ADDomainName |
필수 여부 |
false |
위치 |
named |
기본값 |
localhost:389 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-SupplementaryGroups<String>
Specifies a comma-separated list of group names to which the cmdlet adds a user account that the UserName parameter specifies.
별칭 |
sg |
필수 여부 |
false |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-UserIdentifier<Int32>
Specifies the user identifier that the cmdlet assigns to the user account that the UserName parameter specifies.
별칭 |
UserId,uid |
필수 여부 |
true |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-UserName<String>
Specifies a SAMAcccount name of a user account.
별칭 |
user |
필수 여부 |
true |
위치 |
named |
기본값 |
없음 |
파이프라인 입력 적용 여부 |
True (ByPropertyName) |
와일드카드 문자 허용 여부 |
false |
-Confirm
cmdlet을 실행하기 전에 확인 메시지가 표시됩니다.
필수 여부 |
false |
위치 |
named |
기본값 |
false |
파이프라인 입력 적용 여부 |
false |
와일드카드 문자 허용 여부 |
false |
-WhatIf
cmdlet이 실행될 경우 결과 동작을 표시합니다. cmdlet이 실행되지 않습니다.
필수 여부 |
false |
위치 |
named |
기본값 |
false |
파이프라인 입력 적용 여부 |
false |
와일드카드 문자 허용 여부 |
false |
<CommonParameters>
이 cmdlet은 일반 매개 변수 -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer 및 -OutVariable을 지원합니다. 자세한 내용은 다음을 참조하세요. about_CommonParameters(https://go.microsoft.com/fwlink/p/?LinkID=113216).
입력
입력 유형은 cmdlet에 파이프할 수 있는 개체의 유형입니다.
출력
출력 유형은 cmdlet이 내보내는 개체의 유형입니다.
- Nothing
예제
Example 1: Create a mapped identify for a UNIX user account and a Windows user account
This command creates a mapped identity for a UNIX user that has a UID of 500, and maps it to the Windows account name Contoso\JBrown in a Windows group that has the group identifier of 41. The command stores the mapped identity in the configured Active Directory domain of the local computer. If the user account does not already exist, the command creates it.
PS C:\> New-NfsMappedIdentity -MappingStore "AD" –Server "Contoso" -UserName "JBrown" -UserIdentifier 500 –GroupIdentifier 41
Example 2: Create a mapped identity for a UNIX group account and a Windows group account
This command creates a mapped identity for a UNIX group that has a group identifier of 501 and maps it to the Windows group account that is named Operators. The mapped identity is stored in the configured LDAP store on the computer that is named LdapServer01, that the NFS server “NFSServer-012” uses. The command also creates a local group account named Operators on the NFS server NFSServer-012 if it does not already exist.
PS C:\> New-NfsMappedIdentity -MappingStore "Ldap" -GroupName "Operators" -GroupIdentifier 501 -Server "LdapServer01:389" -NfsServer "NFSServer-012"
Example 3: Create an identity mapping and create the user account and group account if they do not exist
This command creates a mapped identity for a UNIX user whose UID is 500 and maps it to the Windows account named Contoso\JCool. The mapped identity is stored in the Active Directory domain named Contoso. If the user account Contoso\JCool does not exist, the command creates the user account. If the group account Operators does not exist, the command creates the group, assigns GID 501 to the group, and adds the user account Contoso\JCool to the group.
PS C:\> New-NfsMappedIdentity -MappingStore "AD" –Server "Contoso" -UserName "JCool" -UserIdentifier 500 -GroupIdentifier 501 -PrimaryGroup "Operators"