MS Graph API C#将用户添加到组

Question

我一直在调查如何使用Microsoft Graph API(nuget上可用的dotnet/C#库)从Azure AD组添加(以及稍后删除)用户.

Nuget MS Graph API

忽略所有其他的连接GraphServiceClient等等.我正在尝试与下面的示例非常相似的代码,没有得到任何异常(建议事情很好)但是当我再次通过API获得该组时,它仍然没有任何成员!

有趣的是(作为旁白),当我memberOf在user对象上请求属性并告诉它扩展它时,它仍然返回null.

var user = await client.Users[userPrincipalName]
             .Request()
               .Select("id,memberOf")
                 .Expand("memberOf")
                   .GetAsync();

var group = await client.Groups[groupId]
              .Request()
                .Select("members")
                  .Expand("members")
                    .GetAsync();

group.Members.Add(user);

await client.Groups[groupId].Request().UpdateAsync(group);

// userPrincipalName => "test.user@mytenant.com"
// groupId => the object GUID for the group

有谁知道我在这里做错了什么？我用来提供此代码的文档基于以下文档的链接:

'group'的API文档

将成员添加到组

此外,我尝试在此处建议的解决方案上设置方法,为用户设置许可证:

通过Graph API分配用户许可证

像往常一样,谢谢你的帮助.

彼得

额外

我也尝试在图API中寻找可能更新.Members属性/资源而不是组本身:

await client.Groups[groupId].Members.Request(). // <-- Only has GetAsync()

但它只有GetAync()可用的方法.

根据答案更新

var usersGroups = await client.Users[userPrincipalName].MemberOf.Request().GetAsync();

if (!usersGroups.Any(g => g is Group && g.Id == groupId))
{
    // User is not a member of the group, add them.
    var user = await client.Users[userPrincipalName].Request().Select("id").GetAsync();
    await client.Groups[groupId].Members.References.Request().AddAsync(user);
}

我已根据答案添加了上面的代码片段,因为我认为它简洁地回答了有关添加成员的问题.

感谢Nan Yu的回答.

Answer 1

要将用户添加到Group,您可以使用:

User userToAdd = await graphClient.Users["objectID"].Request().GetAsync(); 
await graphClient.Groups["groupObjectID"].Members.References.Request().AddAsync(userToAdd);

要获得组的成员:

        List<ResultsItem> items = new List<ResultsItem>();

        // Get group members. 
        IGroupMembersCollectionWithReferencesPage members = await graphClient.Groups[id].Members.Request().GetAsync();

        if (members?.Count > 0)
        {
            foreach (User user in members)
            {
                // Get member properties.
                items.Add(new ResultsItem
                {
                    Properties = new Dictionary<string, object>
                    {
                        { Resource.Prop_Upn, user.UserPrincipalName },
                        { Resource.Prop_Id, user.Id }
                    }
                });
            }
        }

获取当前用户是其直接成员的组,您可以尝试:

IUserMemberOfCollectionWithReferencesPage memberOfGroups = await graphClient.Users["testnanyu@testbasic1.onmicrosoft.com"].MemberOf.Request().GetAsync();

            if (memberOfGroups?.Count > 0)
            {
                foreach (var directoryObject in memberOfGroups)
                {

                    // We only want groups, so ignore DirectoryRole objects.
                    if (directoryObject is Group)
                    {
                        Group group = directoryObject as Group;
                        items.Add(new ResultsItem
                        {
                            Display = group.DisplayName,
                            Id = group.Id
                        });
                    }

                }
            }