選取您的 Cookie 偏好設定

我們使用提供自身網站和服務所需的基本 Cookie 和類似工具。我們使用效能 Cookie 收集匿名統計資料,以便了解客戶如何使用我們的網站並進行改進。基本 Cookie 無法停用,但可以按一下「自訂」或「拒絕」以拒絕效能 Cookie。

如果您同意,AWS 與經核准的第三方也會使用 Cookie 提供實用的網站功能、記住您的偏好設定,並顯示相關內容,包括相關廣告。若要接受或拒絕所有非必要 Cookie,請按一下「接受」或「拒絕」。若要進行更詳細的選擇,請按一下「自訂」。

AWS Directory Service 使用 的資料範例 AWS CLI - AWS SDK 程式碼範例

文件 AWS 開發套件範例 GitHub 儲存庫中有更多可用的 AWS SDK 範例

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

文件 AWS 開發套件範例 GitHub 儲存庫中有更多可用的 AWS SDK 範例

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

AWS Directory Service 使用 的資料範例 AWS CLI

下列程式碼範例示範如何使用 AWS Command Line Interface 搭配 AWS Directory Service Data 來執行動作和實作常見案例。

Actions 是大型程式的程式碼摘錄,必須在內容中執行。雖然動作會告訴您如何呼叫個別服務函數,但您可以在其相關情境中查看內容中的動作。

每個範例都包含完整原始程式碼的連結,您可以在其中找到如何在內容中設定和執行程式碼的指示。

主題

動作

下列程式碼範例示範如何使用 add-group-member

AWS CLI

將群組成員新增至目錄

下列add-group-member範例會將指定的使用者新增至指定目錄中的指定群組。

aws ds-data add-group-member \ --directory-id d-1234567890 \ --group-name 'sales' \ --member-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的將 AWS Managed Microsoft AD 成員新增至群組,並將群組新增至群組

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 AddGroupMember

下列程式碼範例示範如何使用 add-group-member

AWS CLI

將群組成員新增至目錄

下列add-group-member範例會將指定的使用者新增至指定目錄中的指定群組。

aws ds-data add-group-member \ --directory-id d-1234567890 \ --group-name 'sales' \ --member-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的將 AWS Managed Microsoft AD 成員新增至群組,並將群組新增至群組

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 AddGroupMember

下列程式碼範例示範如何使用 create-group

AWS CLI

為目錄建立群組

下列create-group範例會在指定的目錄中建立群組。

aws ds-data create-group \ --directory-id d-1234567890 \ --sam-account-name 'sales'

輸出:

{ "DirectoryId": "d-9067f3da7a", "SAMAccountName": "sales", "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" }

如需詳細資訊,請參閱《 AWS Directory Service 管理指南》中的建立 AWS Managed Microsoft AD 群組

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 CreateGroup

下列程式碼範例示範如何使用 create-group

AWS CLI

為目錄建立群組

下列create-group範例會在指定的目錄中建立群組。

aws ds-data create-group \ --directory-id d-1234567890 \ --sam-account-name 'sales'

輸出:

{ "DirectoryId": "d-9067f3da7a", "SAMAccountName": "sales", "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" }

如需詳細資訊,請參閱《 AWS Directory Service 管理指南》中的建立 AWS Managed Microsoft AD 群組

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 CreateGroup

下列程式碼範例示範如何使用 create-user

AWS CLI

建立使用者

下列create-user範例會在指定的目錄中建立使用者。

aws ds-data create-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

輸出:

{ "DirectoryId": "d-1234567890", "SAMAccountName": "john.doe", "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的建立 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 CreateUser

下列程式碼範例示範如何使用 create-user

AWS CLI

建立使用者

下列create-user範例會在指定的目錄中建立使用者。

aws ds-data create-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

輸出:

{ "DirectoryId": "d-1234567890", "SAMAccountName": "john.doe", "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的建立 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 CreateUser

下列程式碼範例示範如何使用 delete-group

AWS CLI

刪除群組

下列delete-group範例會從指定的目錄中刪除指定的群組。

aws ds-data delete-group \ --directory-id d-1234567890 \ --sam-account-name 'sales'

此命令不會產生輸出。

如需詳細資訊,請參閱 AWS Directory Service Administration Guide 中的刪除 AWS Managed Microsoft AD 群組

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 DeleteGroup

下列程式碼範例示範如何使用 delete-group

AWS CLI

刪除群組

下列delete-group範例會從指定的目錄中刪除指定的群組。

aws ds-data delete-group \ --directory-id d-1234567890 \ --sam-account-name 'sales'

此命令不會產生輸出。

如需詳細資訊,請參閱 AWS Directory Service Administration Guide 中的刪除 AWS Managed Microsoft AD 群組

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 DeleteGroup

下列程式碼範例示範如何使用 delete-user

AWS CLI

若要刪除使用者

下列delete-user範例會從指定的目錄中刪除指定的使用者。

aws ds-data delete-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱 AWS Directory Service Administration Guide 中的刪除 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 DeleteUser

下列程式碼範例示範如何使用 delete-user

AWS CLI

若要刪除使用者

下列delete-user範例會從指定的目錄中刪除指定的使用者。

aws ds-data delete-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱 AWS Directory Service Administration Guide 中的刪除 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 DeleteUser

下列程式碼範例示範如何使用 describe-group

AWS CLI

列出群組的詳細資訊

下列describe-group範例取得指定目錄中指定群組的資訊。

aws ds-data describe-group \ --directory-id d-1234567890 \ --sam-account-name 'sales'

輸出:

{ "DirectoryId": "d-1234567890", "DistinguishedName": "CN=sales,OU=Users,OU=CORP,DC=corp,DC=example,DC=com", "GroupScope": "Global", "GroupType": "Security", "Realm": "corp.example.com", "SAMAccountName": "sales", "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DescribeGroup

下列程式碼範例示範如何使用 describe-group

AWS CLI

列出群組的詳細資訊

下列describe-group範例取得指定目錄中指定群組的資訊。

aws ds-data describe-group \ --directory-id d-1234567890 \ --sam-account-name 'sales'

輸出:

{ "DirectoryId": "d-1234567890", "DistinguishedName": "CN=sales,OU=Users,OU=CORP,DC=corp,DC=example,DC=com", "GroupScope": "Global", "GroupType": "Security", "Realm": "corp.example.com", "SAMAccountName": "sales", "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DescribeGroup

下列程式碼範例示範如何使用 describe-user

AWS CLI

列出使用者的資訊

下列describe-user範例會取得指定目錄中指定使用者的資訊。

aws ds-data describe-user command-name \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

輸出:

{ "DirectoryId": "d-1234567890", "DistinguishedName": "CN=john.doe,OU=Users,OU=CORP,DC=corp,DC=example,DC=com", "Enabled": false, "Realm": "corp.example.com", "SAMAccountName": "john.doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567", "UserPrincipalName": "john.doe@CORP.EXAMPLE.COM" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DescribeUser

下列程式碼範例示範如何使用 describe-user

AWS CLI

列出使用者的資訊

下列describe-user範例會取得指定目錄中指定使用者的資訊。

aws ds-data describe-user command-name \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

輸出:

{ "DirectoryId": "d-1234567890", "DistinguishedName": "CN=john.doe,OU=Users,OU=CORP,DC=corp,DC=example,DC=com", "Enabled": false, "Realm": "corp.example.com", "SAMAccountName": "john.doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567", "UserPrincipalName": "john.doe@CORP.EXAMPLE.COM" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DescribeUser

下列程式碼範例示範如何使用 disable-directory-data-access

AWS CLI

停用目錄的目錄服務資料 API

下列disable-directory-data-access範例會停用指定目錄的 Directory Service Data API。

aws ds disable-directory-data-access \ --directory-id d-1234567890

此命令不會產生輸出。

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的啟用或停用使用者和群組管理或目錄服務資料AWS

下列程式碼範例示範如何使用 disable-directory-data-access

AWS CLI

停用目錄的目錄服務資料 API

下列disable-directory-data-access範例會停用指定目錄的 Directory Service Data API。

aws ds disable-directory-data-access \ --directory-id d-1234567890

此命令不會產生輸出。

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的啟用或停用使用者和群組管理或目錄服務資料AWS

下列程式碼範例示範如何使用 disable-user

AWS CLI

停用使用者

下列disable-user範例會停用指定目錄中的指定使用者。

aws ds-data disable-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的停用 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DisableUser

下列程式碼範例示範如何使用 disable-user

AWS CLI

停用使用者

下列disable-user範例會停用指定目錄中的指定使用者。

aws ds-data disable-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的停用 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 DisableUser

下列程式碼範例示範如何使用 enable-directory-data-access

AWS CLI

啟用目錄的目錄服務資料 API

下列enable-directory-data-access範例會啟用指定目錄的 Directory Service Data API。

aws ds enable-directory-data-access \ --directory-id d-1234567890

此命令不會產生輸出。

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的啟用或停用使用者和群組管理或目錄服務資料AWS

下列程式碼範例示範如何使用 enable-directory-data-access

AWS CLI

啟用目錄的目錄服務資料 API

下列enable-directory-data-access範例會啟用指定目錄的 Directory Service Data API。

aws ds enable-directory-data-access \ --directory-id d-1234567890

此命令不會產生輸出。

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的啟用或停用使用者和群組管理或目錄服務資料AWS

下列程式碼範例示範如何使用 list-group-members

AWS CLI

列出目錄的群組成員

下列list-group-members範例列出指定目錄中指定群組的群組成員。

aws ds-data list-group-members \ --directory-id d-1234567890 \ --sam-account-name 'sales'

輸出:

{ "Members": [ { "MemberType": "USER", "SAMAccountName": "Jane Doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" }, { "MemberType": "USER", "SAMAccountName": "John Doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569" } ], "DirectoryId": "d-1234567890", "MemberRealm": "corp.example.com", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListGroupMembers

下列程式碼範例示範如何使用 list-group-members

AWS CLI

列出目錄的群組成員

下列list-group-members範例列出指定目錄中指定群組的群組成員。

aws ds-data list-group-members \ --directory-id d-1234567890 \ --sam-account-name 'sales'

輸出:

{ "Members": [ { "MemberType": "USER", "SAMAccountName": "Jane Doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" }, { "MemberType": "USER", "SAMAccountName": "John Doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569" } ], "DirectoryId": "d-1234567890", "MemberRealm": "corp.example.com", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ListGroupMembers

下列程式碼範例示範如何使用 list-groups-for-member

AWS CLI

列出目錄的群組成員資格

下列list-groups-for-member範例列出指定目錄中指定使用者的群組成員資格。

aws ds-data list-groups-for-member \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

輸出:

{ "Groups": [ { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Users", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "MemberRealm": "corp.example.com", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 使用者

下列程式碼範例示範如何使用 list-groups-for-member

AWS CLI

列出目錄的群組成員資格

下列list-groups-for-member範例列出指定目錄中指定使用者的群組成員資格。

aws ds-data list-groups-for-member \ --directory-id d-1234567890 \ --sam-account-name 'john.doe'

輸出:

{ "Groups": [ { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Users", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "MemberRealm": "corp.example.com", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 使用者

下列程式碼範例示範如何使用 list-groups

AWS CLI

列出目錄的群組

下列list-groups範例列出指定目錄中的群組。

aws ds-data list-groups \ --directory-id d-1234567890

輸出:

{ "Groups": [ { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Administrators", "SID": "S-1-2-33-441" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Users", "SID": "S-1-2-33-442" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Guests", "SID": "S-1-2-33-443" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Print Operators", "SID": "S-1-2-33-444" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Backup Operators", "SID": "S-1-2-33-445" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Replicator", "SID": "S-1-2-33-446" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Remote Desktop Users", "SID": "S-1-2-33-447" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Network Configuration Operators", "SID": "S-1-2-33-448" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Performance Monitor Users", "SID": "S-1-2-33-449" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Performance Log Users", "SID": "S-1-2-33-450" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Distributed COM Users", "SID": "S-1-2-33-451" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "IIS_IUSRS", "SID": "S-1-2-33-452" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Cryptographic Operators", "SID": "S-1-2-33-453" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Event Log Readers", "SID": "S-1-2-33-454" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Certificate Service DCOM Access", "SID": "S-1-2-33-456" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "RDS Remote Access Servers", "SID": "S-1-2-33-457" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "RDS Endpoint Servers", "SID": "S-1-2-33-458" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "RDS Management Servers", "SID": "S-1-2-33-459" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Hyper-V Administrators", "SID": "S-1-2-33-460" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Access Control Assistance Operators", "SID": "S-1-2-33-461" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Remote Management Users", "SID": "S-1-2-33-462" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Storage Replica Administrators", "SID": "S-1-2-33-463" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Computers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-789" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-790" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Schema Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-791" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Enterprise Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-792" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Cert Publishers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-793" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-794" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Users", "SID": "S-1-2-34-56789123456-7891012345-6789123486-795" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Guests", "SID": "S-1-2-34-56789123456-7891012345-6789123486-796" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Group Policy Creator Owners", "SID": "S-1-2-34-56789123456-7891012345-6789123486-797" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "RAS and IAS Servers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-798" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Server Operators", "SID": "S-1-2-33-464" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Account Operators", "SID": "S-1-2-33-465" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Pre-Windows 2000 Compatible Access", "SID": "S-1-2-33-466" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Incoming Forest Trust Builders", "SID": "S-1-2-33-467" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Windows Authorization Access Group", "SID": "S-1-2-33-468" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Terminal Server License Servers", "SID": "S-1-2-33-469" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Allowed RODC Password Replication Group", "SID": "S-1-2-34-56789123456-7891012345-6789123486-798" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Denied RODC Password Replication Group", "SID": "S-1-2-34-56789123456-7891012345-6789123486-799" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Read-only Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-800" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Enterprise Read-only Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-801" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Cloneable Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-802" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Protected Users", "SID": "S-1-2-34-56789123456-7891012345-6789123486-803" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Key Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-804" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Enterprise Key Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-805" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "DnsAdmins", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "DnsUpdateProxy", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Admins", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWSAdministrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4570" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Object Management Service Accounts", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4571" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Private CA Connector for AD Delegated Group", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4572" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Application and Service Delegated Group", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4573" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4574" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated FSx Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4575" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Account Operators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4576" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Active Directory Based Activation Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4577" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Allowed to Authenticate Objects", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4578" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Allowed to Authenticate to Domain Controllers", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4579" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Deleted Object Lifetime Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4580" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Distributed File System Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4581" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Dynamic Host Configuration Protocol Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4582" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Enterprise Certificate Authority Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4583" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Fine Grained Password Policy Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4584" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Group Policy Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4585" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Managed Service Account Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4586" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Read Foreign Security Principals", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4587" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Remote Access Service Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4588" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Replicate Directory Changes Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4588" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Sites and Services Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4589" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated System Management Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4590" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Terminal Server Licensing Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4591" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated User Principal Name Suffix Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4592" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Add Workstations To Domain Users", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4593" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Domain Name System Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4594" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Kerberos Delegation Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4595" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Server Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4596" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated MS-NPRC Non-Compliant Devices", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4597" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Remote Access", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4598" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Accounting", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4599" }, { "GroupScope": "Global", "GroupType": "Distribution", "SAMAccountName": "sales", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 ListGroups

下列程式碼範例示範如何使用 list-groups

AWS CLI

列出目錄的群組

下列list-groups範例列出指定目錄中的群組。

aws ds-data list-groups \ --directory-id d-1234567890

輸出:

{ "Groups": [ { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Administrators", "SID": "S-1-2-33-441" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Users", "SID": "S-1-2-33-442" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Guests", "SID": "S-1-2-33-443" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Print Operators", "SID": "S-1-2-33-444" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Backup Operators", "SID": "S-1-2-33-445" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Replicator", "SID": "S-1-2-33-446" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Remote Desktop Users", "SID": "S-1-2-33-447" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Network Configuration Operators", "SID": "S-1-2-33-448" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Performance Monitor Users", "SID": "S-1-2-33-449" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Performance Log Users", "SID": "S-1-2-33-450" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Distributed COM Users", "SID": "S-1-2-33-451" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "IIS_IUSRS", "SID": "S-1-2-33-452" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Cryptographic Operators", "SID": "S-1-2-33-453" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Event Log Readers", "SID": "S-1-2-33-454" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Certificate Service DCOM Access", "SID": "S-1-2-33-456" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "RDS Remote Access Servers", "SID": "S-1-2-33-457" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "RDS Endpoint Servers", "SID": "S-1-2-33-458" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "RDS Management Servers", "SID": "S-1-2-33-459" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Hyper-V Administrators", "SID": "S-1-2-33-460" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Access Control Assistance Operators", "SID": "S-1-2-33-461" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Remote Management Users", "SID": "S-1-2-33-462" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Storage Replica Administrators", "SID": "S-1-2-33-463" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Computers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-789" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-790" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Schema Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-791" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Enterprise Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-792" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Cert Publishers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-793" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-794" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Users", "SID": "S-1-2-34-56789123456-7891012345-6789123486-795" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Domain Guests", "SID": "S-1-2-34-56789123456-7891012345-6789123486-796" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Group Policy Creator Owners", "SID": "S-1-2-34-56789123456-7891012345-6789123486-797" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "RAS and IAS Servers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-798" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Server Operators", "SID": "S-1-2-33-464" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Account Operators", "SID": "S-1-2-33-465" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Pre-Windows 2000 Compatible Access", "SID": "S-1-2-33-466" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Incoming Forest Trust Builders", "SID": "S-1-2-33-467" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Windows Authorization Access Group", "SID": "S-1-2-33-468" }, { "GroupScope": "BuiltinLocal", "GroupType": "Security", "SAMAccountName": "Terminal Server License Servers", "SID": "S-1-2-33-469" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Allowed RODC Password Replication Group", "SID": "S-1-2-34-56789123456-7891012345-6789123486-798" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Denied RODC Password Replication Group", "SID": "S-1-2-34-56789123456-7891012345-6789123486-799" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Read-only Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-800" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Enterprise Read-only Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-801" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Cloneable Domain Controllers", "SID": "S-1-2-34-56789123456-7891012345-6789123486-802" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Protected Users", "SID": "S-1-2-34-56789123456-7891012345-6789123486-803" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Key Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-804" }, { "GroupScope": "Universal", "GroupType": "Security", "SAMAccountName": "Enterprise Key Admins", "SID": "S-1-2-34-56789123456-7891012345-6789123486-805" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "DnsAdmins", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "DnsUpdateProxy", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "Admins", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWSAdministrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4570" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Object Management Service Accounts", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4571" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Private CA Connector for AD Delegated Group", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4572" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Application and Service Delegated Group", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4573" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4574" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated FSx Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4575" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Account Operators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4576" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Active Directory Based Activation Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4577" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Allowed to Authenticate Objects", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4578" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Allowed to Authenticate to Domain Controllers", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4579" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Deleted Object Lifetime Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4580" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Distributed File System Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4581" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Dynamic Host Configuration Protocol Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4582" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Enterprise Certificate Authority Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4583" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Fine Grained Password Policy Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4584" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Group Policy Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4585" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Managed Service Account Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4586" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Read Foreign Security Principals", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4587" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Remote Access Service Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4588" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Replicate Directory Changes Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4588" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Sites and Services Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4589" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated System Management Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4590" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Terminal Server Licensing Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4591" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated User Principal Name Suffix Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4592" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Add Workstations To Domain Users", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4593" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Domain Name System Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4594" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Kerberos Delegation Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4595" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated Server Administrators", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4596" }, { "GroupScope": "DomainLocal", "GroupType": "Security", "SAMAccountName": "AWS Delegated MS-NPRC Non-Compliant Devices", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4597" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Remote Access", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4598" }, { "GroupScope": "Global", "GroupType": "Security", "SAMAccountName": "Accounting", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4599" }, { "GroupScope": "Global", "GroupType": "Distribution", "SAMAccountName": "sales", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 ListGroups

下列程式碼範例示範如何使用 list-users

AWS CLI

列出目錄的使用者

下列list-users範例列出指定目錄中的使用者。

aws ds-data list-users \ --directory-id d-1234567890

輸出:

{ "Users": [ { "Enabled": true, "SAMAccountName": "Administrator", "SID": "S-1-2-34-5678910123-4567895012-3456789012-345" }, { "Enabled": false, "SAMAccountName": "Guest", "SID": "S-1-2-34-5678910123-4567895012-3456789012-345" }, { "Enabled": false, "SAMAccountName": "krbtgt", "SID": "S-1-2-34-5678910123-4567895012-3456789012-346" }, { "Enabled": true, "SAMAccountName": "Admin", "SID": "S-1-2-34-5678910123-4567895012-3456789012-347" }, { "Enabled": true, "SAMAccountName": "Richard Roe", "SID": "S-1-2-34-5678910123-4567895012-3456789012-348" }, { "Enabled": true, "SAMAccountName": "Jane Doe", "SID": "S-1-2-34-5678910123-4567895012-3456789012-349" }, { "Enabled": true, "SAMAccountName": "AWS_WGnzYlN6YyY", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" }, { "Enabled": true, "SAMAccountName": "john.doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱 AWS Directory Service Administration Guide 中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 ListUsers

下列程式碼範例示範如何使用 list-users

AWS CLI

列出目錄的使用者

下列list-users範例列出指定目錄中的使用者。

aws ds-data list-users \ --directory-id d-1234567890

輸出:

{ "Users": [ { "Enabled": true, "SAMAccountName": "Administrator", "SID": "S-1-2-34-5678910123-4567895012-3456789012-345" }, { "Enabled": false, "SAMAccountName": "Guest", "SID": "S-1-2-34-5678910123-4567895012-3456789012-345" }, { "Enabled": false, "SAMAccountName": "krbtgt", "SID": "S-1-2-34-5678910123-4567895012-3456789012-346" }, { "Enabled": true, "SAMAccountName": "Admin", "SID": "S-1-2-34-5678910123-4567895012-3456789012-347" }, { "Enabled": true, "SAMAccountName": "Richard Roe", "SID": "S-1-2-34-5678910123-4567895012-3456789012-348" }, { "Enabled": true, "SAMAccountName": "Jane Doe", "SID": "S-1-2-34-5678910123-4567895012-3456789012-349" }, { "Enabled": true, "SAMAccountName": "AWS_WGnzYlN6YyY", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" }, { "Enabled": true, "SAMAccountName": "john.doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱 AWS Directory Service Administration Guide 中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 ListUsers

下列程式碼範例示範如何使用 remove-group-member

AWS CLI

從目錄中移除群組成員

下列remove-group-member範例會從指定目錄中的指定群組中移除指定的群組成員。

aws ds-data remove-group-member \ --directory-id d-1234567890 \ --group-name 'sales' \ --member-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的將 AWS Managed Microsoft AD 成員新增至群組,並將群組新增至群組

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 RemoveGroupMember

下列程式碼範例示範如何使用 remove-group-member

AWS CLI

從目錄中移除群組成員

下列remove-group-member範例會從指定目錄中的指定群組中移除指定的群組成員。

aws ds-data remove-group-member \ --directory-id d-1234567890 \ --group-name 'sales' \ --member-name 'john.doe'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的將 AWS Managed Microsoft AD 成員新增至群組,並將群組新增至群組

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 RemoveGroupMember

下列程式碼範例示範如何使用 reset-user-password

AWS CLI

在目錄中重設使用者密碼

下列reset-user-password範例會重設並啟用指定目錄中的指定使用者。

aws ds reset-user-password \ --directory-id d-1234567890 \ --user-name 'john.doe' \ --new-password 'password'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的重設和啟用 AWS Managed Microsoft AD 使用者的密碼

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ResetUserPassword

下列程式碼範例示範如何使用 reset-user-password

AWS CLI

在目錄中重設使用者密碼

下列reset-user-password範例會重設並啟用指定目錄中的指定使用者。

aws ds reset-user-password \ --directory-id d-1234567890 \ --user-name 'john.doe' \ --new-password 'password'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的重設和啟用 AWS Managed Microsoft AD 使用者的密碼

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 ResetUserPassword

下列程式碼範例示範如何使用 search-groups

AWS CLI

在目錄中搜尋群組

下列search-groups範例會搜尋指定目錄中的指定群組。

aws ds-data search-groups \ --directory-id d-1234567890 \ --search-attributes 'SamAccountName' \ --search-string 'sales'

輸出:

{ "Groups": [ { "GroupScope": "Global", "GroupType": "Distribution", "SAMAccountName": "sales", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 SearchGroups

下列程式碼範例示範如何使用 search-groups

AWS CLI

在目錄中搜尋群組

下列search-groups範例會搜尋指定目錄中的指定群組。

aws ds-data search-groups \ --directory-id d-1234567890 \ --search-attributes 'SamAccountName' \ --search-string 'sales'

輸出:

{ "Groups": [ { "GroupScope": "Global", "GroupType": "Distribution", "SAMAccountName": "sales", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 SearchGroups

下列程式碼範例示範如何使用 search-users

AWS CLI

在目錄中搜尋使用者

下列search-users範例會在指定的目錄中搜尋指定的使用者。

aws ds-data search-users \ --directory-id d-1234567890 \ --search-attributes 'SamAccountName' \ --Search-string 'john.doe'

輸出:

{ "Users": [ { "Enabled": true, "SAMAccountName": "john.doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 SearchUsers

下列程式碼範例示範如何使用 search-users

AWS CLI

在目錄中搜尋使用者

下列search-users範例會在指定的目錄中搜尋指定的使用者。

aws ds-data search-users \ --directory-id d-1234567890 \ --search-attributes 'SamAccountName' \ --Search-string 'john.doe'

輸出:

{ "Users": [ { "Enabled": true, "SAMAccountName": "john.doe", "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" } ], "DirectoryId": "d-1234567890", "Realm": "corp.example.com" }

如需詳細資訊,請參閱《AWS 目錄服務管理指南》中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱 AWS CLI 命令參考中的 SearchUsers

下列程式碼範例示範如何使用 update-group

AWS CLI

在目錄中更新群組的屬性

下列update-group範例會更新指定目錄中指定群組的指定屬性。

aws ds-data update-group \ --directory-id d-1234567890 \ --sam-account-name 'sales' \ --update-type 'REPLACE' \ --group-type 'Distribution'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI Command Reference 中的 UpdateGroup

下列程式碼範例示範如何使用 update-group

AWS CLI

在目錄中更新群組的屬性

下列update-group範例會更新指定目錄中指定群組的指定屬性。

aws ds-data update-group \ --directory-id d-1234567890 \ --sam-account-name 'sales' \ --update-type 'REPLACE' \ --group-type 'Distribution'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 群組的詳細資訊

  • 如需 API 詳細資訊,請參閱 AWS CLI Command Reference 中的 UpdateGroup

下列程式碼範例示範如何使用 update-user

AWS CLI

在目錄中更新使用者的屬性

下列update-user範例會更新指定目錄中指定使用者的指定屬性。

aws ds-data update-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe' \ --update-type 'ADD' \ --email-address 'example.corp.com'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 UpdateUser

下列程式碼範例示範如何使用 update-user

AWS CLI

在目錄中更新使用者的屬性

下列update-user範例會更新指定目錄中指定使用者的指定屬性。

aws ds-data update-user \ --directory-id d-1234567890 \ --sam-account-name 'john.doe' \ --update-type 'ADD' \ --email-address 'example.corp.com'

此命令不會產生輸出。

如需詳細資訊,請參閱《 AWS Directory Service Administration Guide》中的檢視和更新 AWS Managed Microsoft AD 使用者

  • 如需 API 詳細資訊,請參閱《AWS CLI 命令參考》中的 UpdateUser

下一個主題:

AWS DMS

上一個主題:

AWS Directory Service
隱私權網站條款Cookie 偏好設定
© 2025, Amazon Web Services, Inc.或其附屬公司。保留所有權利。