This topic describes how to access a Windows host from a bastion host.

Prerequisites

  • SQL Server is selected as the engine of your ApsaraDB MyBase dedicated cluster.
  • The Grant OS Permissions parameter is set to Enabled when you create the ApsaraDB MyBase dedicated cluster. For more information, see Create a dedicated cluster.
  • A host account is created. For more information, see Create a host account.
Note For more information about how to access a Linux host from a bastion host, see Log on to a host by using a bastion host in Linux.

Authorize a bastion host account to access a Windows host

  1. Log on to the ApsaraDB MyBase console.
  2. In the upper-left corner of the page, select a region.
  3. Find the cluster that you want to manage and click Details in the Actions column.
  4. In the left-side navigation pane, click Bastion Hosts. Find the bastion host that you want to manage, click Associate with Bastion Host in the Actions column.
    Associate a bastion host with an ApsaraDB MyBase host
  5. Select the ApsaraDB MyBase host to which you want to log on and click Next.
    Next
  6. Create a bastion host account.
    1. Click Create Bastion Host Account. On the Create Bastion Host Account dialog box, configure the following parameters.
      Create an account
      Parameter Description
      Username The username of the account that can be used to log on to the bastion host. The username must meet the following requirements:
      • The username can be up to 50 characters in length.
      • The username contains at least three of the following types of characters: uppercase letters, lowercase letters, digits, and special characters.
      • Special characters are underscores (_), hyphens (-), commas (.), and percent signs (%).
      Password The password of the account that can be used to log on to the bastion host. The password must meet the following requirements:
      • The password can be 8 to 64 characters in length.
      • The password contains letters, digits, and special characters.
      • Special characters include at signs (@), number signs (#), and dollar signs ($).
      Confirm Password Enter the password of the account to confirm that you entered the correct password.
      Name Your name. You can enter up to 100 characters in length.
      Email Address Optional. Your e-mail address.
      Phone Number Optional. Your phone number.
    2. Click Create.
  7. Authorize the bastion host account to log on to the ApsaraDB MyBase host.
    1. Find the bastion host account and click Authorize Host in the Actions column. This way, you can log on to the Bastionhost console. Authorize the bastion host account to log on to the ApsaraDB MyBase host
    2. On the Users page, find the bastion host account and click Authorize Hosts in the Actions column. Authorize the bastion host account to log on to the ApsaraDB MyBase host
    3. On the Authorized Hosts tab, click Authorize Hosts.
    4. In the Authorize Hosts panel, select the ApsaraDB MyBase host to which you want to log on and click OK.
      Note After the authorization is completed, go to the Authorize Host wizard. Click View Authorized Hosts in the Authorized Host column to check the hosts to which you can log on by using the bastion host account.

Access the host from the bastion host

  1. Start RDC on your local host.
  2. Enter <Bastionhost O&M address>:63389 and click Connect.
    Start RDC
  3. In the Remote Desktop Connection dialog box that appears, click Yes.
    Identity authentication
  4. In the login dialog box that appears, enter the username and password used to access Bastionhost and click Login.
    login dialog box
  5. Optional:If multi-factor authentication (MFA) is enabled for a RAM user, enter the verification code obtained from the bound MFA device (the Alibaba Cloud app) in the Two Factor dialog box that appears and click Ok.
    Two Factor dialog box
  6. Select the Windows host.
    windows
  7. On the asset management page, double-click the authorized host that you want to access for O&M.
    Access the authorized host