Question

我已经设法通过

从AAD获得了我想要的群组

ActiveDirectoryClient activeDirectoryClient = new ActiveDirectoryClient(serviceRoot,
              async () => await GetTokenForApplication());

        // use the token for querying the graph to get the user details

        var result = await activeDirectoryClient.Groups.Where(u => u.DisplayName.Equals("myGroupName")).ExecuteAsync();

但是我不确定如何遍历我获得的组并将该组中的所有用户添加到列表中。

Answer 1

这样做：

List<IGroup> groups = result.CurrentPage.ToList();
foreach (IGroup group in groups)
{
    // do whatever you need to
}

修改

IGroup有和属性允许我获取该组中的用户，例如成员

是的，但您需要明确要求扩展它。以下是如何获取该组的所有用户：

var groups = await activeDirectoryClient.Groups .Where(g => g.DisplayName == groupName).Expand(g => g.Members) .ExecuteAsync(); var usersForGroup = new List<User>(); foreach(IGroup thisGroup in groups) { do { var thisGroupUsers = thisGroup.Members.CurrentPage.Select(m => m as User)).Where(u => u != null); allUsers.AddRange(thisGroupUsers); // get next page asynchronously await thisGroup.Members.GetNextPageAsync(); } while(thisGroup.Members.MorePagesAvailable) }

Answer 2

如果您拥有该组的对象ID，则可以在图API中使用此URL获取直接成员：

https://graph.windows.net/myorganization/groups/{object_id}/$links/members?api-version

您在代码中获得的IGroup结果（例如，使用result.First()）确实包含Members属性，您可以使用该属性遍历成员。

您可以使用IGroupFetcher来检索群组成员：

var group = await adClient.Groups.Where(g => g.ObjectId == groupObjectId).ExecuteSingleAsync();
IGroupFetcher groupfetcher = (Group)group;
var membersResult = await groupfetcher.Members.ExecuteAsync();

var more = true;
while (more)
{
    foreach (var member in membersResult.CurrentPage) 
    {
    //... remember to handle that members can be other groups
    }
    if (!membersResult.MorePagesAvailable)
    {
        more = false;
    }
    else
    {
        // get next page in results
        membersResult = await membersResult.GetNextPageAsync();
    }
}

MVC5如何遍历azure活动目录用户组

2 个答案: