This topic describes how to access a Windows host from a bastion host.
Prerequisites
SQL Server is selected as the engine of your ApsaraDB for MyBase dedicated cluster.
The Grant OS Permissions parameter is set to Enabled when you create the ApsaraDB for MyBase dedicated cluster. For more information, see Create a dedicated cluster.
A host account is created. For more information, see Create a host account.
For more information about how to access a Linux host from a bastion host, see Log on to a host by using a bastion host in Linux.
Authorize a bastion host account to access a Windows host
Log on to the ApsaraDB for MyBase console.
In the upper-left corner of the page, select a region.
Find the cluster that you want to manage and click Details in the Actions column.
In the left-side navigation pane, click Bastion Hosts. Find the bastion host that you want to manage, and click Associate with Bastion Host in the Actions column.
Select the ApsaraDB for MyBase host to which you want to log on and click Next.
Create a bastion host account.
Click Create Bastion Host Account. On the Create Bastion Host Account dialog box, configure the following parameters.
Parameter
Description
Username
The username of the account that can be used to log on to the bastion host. The username must meet the following requirements:
The username can be up to 50 characters in length.
The username contains at least three of the following types of characters: uppercase letters, lowercase letters, digits, and special characters.
Special characters are
underscores (_), hyphens (-), commas (.), and percent signs (%).
Password
The password of the account that can be used to log on to the bastion host. The password must meet the following requirements:
The password can be 8 to 64 characters in length.
The password contains letters, digits, and special characters.
Special characters include
at signs (@), number signs (#), and dollar signs ($).
Confirm Password
Enter the password of the account to confirm that you entered the correct password.
Name
Your name. You can enter up to 100 characters in length.
Email Address
Optional. Your e-mail address.
Phone Number
Optional. Your phone number.
Click Create.
Authorize the bastion host account to log on to the ApsaraDB for MyBase host.
Find the bastion host account and click Authorize Host in the Actions column. This way, you can log on to the Bastionhost console.
On the Users page, find the bastion host account and click Authorize Hosts in the Actions column.
On the Authorized Hosts tab, click Authorize Hosts.
In the Authorize Hosts panel, select the ApsaraDB for MyBase host to which you want to log on and click OK.
NoteAfter the authorization is completed, go to the Authorize Host wizard. Click View Authorized Hosts in the Authorized Host column to check the hosts to which you can log on by using the bastion host account.
Access the host from the bastion host
Start RDC on your local host.
Enter
<O&M address of a bastion host>:63389and click Connect.
In the Remote Desktop Connection dialog box, click Yes.
Enter the username and password of the account that is used to log on to the bastion host and click Login.
Optional: If multi-factor authentication (MFA) is enabled for the RAM user, enter the verification code obtained from the bound MFA device (the Alibaba Cloud app) and press Enter.
Select the Windows host.
On the asset management page, double-click the host to which you want to connect from the bastion host.
