从 Azure Stack Hub 中清除门户用户数据Clear portal user data from Azure Stack Hub

Azure Stack Hub 操作员可以根据 Azure Stack Hub 用户的请求,按需清除门户用户数据。Azure Stack Hub operators can clear portal user data on demand when Azure Stack Hub users request it. Azure Stack Hub 用户可以通过固定磁贴和更改仪表板布局来自定义门户。As an Azure Stack Hub user, the portal can be customized by pinning tiles and changing the dashboard layout. 用户还可以根据个人喜好更改主题和调整默认语言。Users can also change the theme and adjust the default language to match personal preferences.

门户用户数据包括 Azure Stack Hub 用户门户中的收藏夹和最近访问的资源。Portal user data includes favorites and recently accessed resources in the Azure Stack Hub user portal. 本文介绍如何清除门户用户数据。This article describes how to clear the portal user data.

只有在删除用户订阅之后,才能删除门户用户设置。Removing portal user settings should only be done after the user subscription has been deleted.

备注

在遵循本文中的指导之后,某些用户数据可能仍会出现在事件日志的 system 节中。Some user data can still exist in the system section of event logs after following the guidance in this article. 在日志自动滚动更新之前,这些数据可能会保留数天。This data can remain for several days until the logs automatically roll over.

要求Requirements

备注

如果你尝试从来宾目录(多租户)中删除受邀用户的门户用户信息,必须在该目录中拥有读取权限。If you attempt to delete portal user information from a user that was invited from a guest directory (multi-tenancy), you must have read permission in that directory. 有关详细信息,请参阅本文稍后的 CSP 方案For more information, see the CSP scenario later in this article.

使用用户主体名称清除门户用户数据Clear portal user data using a user principal name

此方案假设默认提供程序订阅和用户属于同一目录,或者你对用户所在的目录拥有读取访问权限。This scenario assumes that either the default provider subscription and the user are part of the same directory, or that you have read access to the directory in which the user resides.

在继续之前,请务必从 GitHub 下载最新版本的 Azure Stack Hub 工具Make sure to download the latest version of the Azure Stack Hub tools from GitHub before you proceed.

对于此过程,请使用能够与 Azure Stack Hub 的管理员资源管理器终结点通信的计算机。For this procedure, use a computer that can communicate with the admin Resource Manager endpoint of Azure Stack Hub.

  1. 以提升的权限打开 Windows PowerShell 会话(以管理员身份运行),转到 AzureStack-Tools-master 目录中的根文件夹,然后导入所需的 PowerShell 模块****:Open an elevated Windows PowerShell session (run as administrator), go to the root folder in the AzureStack-Tools-master directory, and import the required PowerShell module:

    Import-Module .\DatacenterIntegration\Portal\PortalUserDataUtilities.psm1
    
  2. 运行以下命令。Run the following commands. 请务必将占位符替换为与环境匹配的值:Make sure to substitute the placeholders with values that match your environment:

    ## The following Azure Resource Manager endpoint is for the ASDK. If you are in a multinode environment, contact your operator or service provider to get the endpoint.
    
    $adminARMEndpoint = "https://adminmanagement.local.azurestack.external"
    
    ## Replace the following value with the Azure Stack Hub directory tenant ID.
    $azureStackDirectoryTenantId = "f5025bf2-547f-4b49-9693-6420c1d5e4ca"
    
    ## Replace the following value with the user directory tenant ID.
    $userDirectoryTenantId = " 7ddf3648-9671-47fd-b63d-eecd82ed040e"
    
    ## Replace the following value with name of the user principal whose portal user data is to be cleared.
    $userPrincipalName = "myaccount@contoso.partner.onmschina.cn"
    
    Clear-AzsUserDataWithUserPrincipalName -AzsAdminArmEndpoint $adminARMEndpoint `
     -AzsAdminDirectoryTenantId $azureStackDirectoryTenantId `
     -UserPrincipalName $userPrincipalName `
     -DirectoryTenantId $userDirectoryTenantId
    

    备注

    azureStackDirectoryTenantId 是可选项。azureStackDirectoryTenantId is optional. 如果未指定此值,脚本将在 Azure Stack Hub 中已注册的所有租户目录中搜索用户主体名称,然后清除所有匹配用户的门户数据。If you don't specify this value, the script searches for the user principal name in all tenant directories registered in Azure Stack Hub and then clears the portal data for all matched users.

在来宾目录中清除门户用户数据Clear portal user data in guest directory

在此方案中,Azure Stack Hub 操作员对用户所在的来宾目录没有访问权限。In this scenario, the Azure Stack Hub operator has no access to the guest directory in which the user resides. 如果你是云解决方案提供商 (CSP),这是一种常见方案。This is a common scenario when you're a Cloud Solution Provider (CSP).

要使 Azure Stack Hub 操作员能够删除门户用户数据,至少需要获取用户对象 ID。For an Azure Stack Hub operator to remove the portal user data, at a minimum the user object ID is required.

用户必须查询该对象 ID,并将其提供给 Azure Stack Hub 操作员。The user must query the object ID and provide it to the Azure Stack Hub operator. 操作员对用户所在的目录没有访问权限。The operator doesn't have access to the directory in which the user resides.

用户检索用户对象 IDUser retrieves the user object ID

  1. 以提升的权限打开 Windows PowerShell 会话(以管理员身份运行),转到 AzureStack-Tools-master 目录中的根文件夹,然后导入所需的 PowerShell 模块****。Open an elevated Windows PowerShell session (run as administrator), go to the root folder in the AzureStack-Tools-master directory, and then import the necessary PowerShell module.

    Import-Module .\DatacenterIntegration\Portal\PortalUserDataUtilities.psm1
    
  2. 运行以下命令。Run the following commands. 请务必将占位符替换为与环境匹配的值。Make sure to substitute the placeholders with values that match your environment.

    ## The following Azure Resource Manager endpoint is for the ASDK. If you are in a multinode environment, contact your operator or service provider to get the endpoint.
    $userARMEndpoint = "https://management.local.azurestack.external"
    
    ## Replace the following value with the directory tenant ID, which contains the user account.
    $userDirectoryTenantId = "3160cbf5-c227-49dd-8654-86e924c0b72f"
    
    ## Replace the following value with the name of the user principal whose portal user data is to be cleared.
    $userPrincipleName = "myaccount@contoso.partner.onmschina.cn"
    
    Get-UserObjectId -DirectoryTenantId $userDirectoryTenantId `
     -AzsArmEndpoint $userARMEndpoint `
     -UserPricinpalName $userPrincipleName
    

    备注

    用户必须将用户对象 ID(上一脚本的输出)提供给 Azure Stack Hub 操作员。As a user, you must provide the user object ID, which is the output of the previous script, to the Azure Stack Hub operator.

Azure Stack Hub 操作员删除门户用户数据Azure Stack Hub operator removes the portal user data

以 Azure Stack Hub 操作员的身份收到用户对象 ID 后,运行以下命令删除门户用户数据:After receiving the user object ID as an Azure Stack Hub operator, run the following commands to remove the portal user data:

  1. 以提升的权限打开 Windows PowerShell 会话(以管理员身份运行),转到 AzureStack-Tools-master 目录中的根文件夹,然后导入所需的 PowerShell 模块****。Open an elevated Windows PowerShell session (run as administrator), go to the root folder in the AzureStack-Tools-master directory, and then import the necessary PowerShell module.

    Import-Module .\DatacenterIntegration\Portal\PortalUserDataUtilities.psm1
    
  2. 运行以下命令(请务必根据环境调整参数):Run the following commands, making sure you adjust the parameter to match your environment:

    ## The following Azure Resource Manager endpoint is for the ASDK. If you are in a multinode environment, contact your operator or service provider to get the endpoint.
    $AzsAdminARMEndpoint = "https://adminmanagement.local.azurestack.external"
    
    ## Replace the following value with the Azure Stack Hub directory tenant ID.
    $AzsAdminDirectoryTenantId = "f5025bf2-547f-4b49-9693-6420c1d5e4ca"
    
    ## Replace the following value with the directory tenant ID of the user to clear.
    $DirectoryTenantId = "3160cbf5-c227-49dd-8654-86e924c0b72f"
    
    ## Replace the following value with the name of the user principal whose portal user data is to be cleared.
    $userObjectID = "s-1-*******"
    Clear-AzsUserDataWithUserObject -AzsAdminArmEndpoint $AzsAdminARMEndpoint `
     -AzsAdminDirectoryTenantId $AzsAdminDirectoryTenantId `
     -DirectoryTenantID $DirectoryTenantId `
     -UserObjectID $userObjectID `
    

后续步骤Next steps