如何将自定义属性添加到Windows Azure Active Directory用户帐户?

时间:2013-10-11 13:28:03

标签: azure

我想在Windows Azure Active Directory用户中添加特定于用户的自定义属性,例如LeavePolicyId。

我尝试了不同的方法 - 使用PowerShell CmdLets,使用Azure WAAD Graph API,显然是通过Azure Managementment门户UI。但所有努力都没有给我一个解决方案。

我在此处看到了现有的属性列表 - http://technet.microsoft.com/en-us/library/dn194096.aspx。但我想添加自定义的。

如果有其他方法可以解决这个问题,请告诉我?

谢谢,

2 个答案:

答案 0 :(得分:2)

您可以使用ExtendedProperty,将属性添加到AAD(Azure Active Directory)中的App寄存器给用户,然后将值添加到... 

            ExtensionProperty identidadSecreta = new ExtensionProperty
            {
                Name = "LaIdentidadSecreta",
                DataType = "String",
                TargetObjects = { "User" }
            };

            myApplication.ExtensionProperties.Add(identidadSecreta);
            await myApplication.UpdateAsync();
            client.Context.SaveChanges();

然后给用户:

            User user = null;
        try
        {
            ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient();
            user = (User)await client.Users.GetByObjectId(objectId).ExecuteAsync();
            user.SetExtendedProperty("extension_e99c8a1afb544da491b098931b0a2ad8_LaidentidadSecreta", "Bruno Días");
            await user.UpdateAsync();

获取价值:

                string extensionValue = (String)user.GetExtendedProperties()["extension_e99c8a1afb544da491b098931b0a2ad8_LaidentidadSecreta"];// The Guid is the App Guid.

要注意this !!!幸运的是,如果您初始化ActiveDirectoryClient并使用Microsoft.Data.Services.Client版本5.7.0将起作用。

    //////
    private static void UndeclaredPropertyHandler(MessageWriterSettingsArgs args)
    {
        var field = args.Settings.GetType().GetField("settings",
          BindingFlags.NonPublic | BindingFlags.Instance);
        var settingsObject = field?.GetValue(args.Settings);
        var settings = settingsObject as ODataMessageWriterSettings;
        if (settings != null)
        {
            settings.UndeclaredPropertyBehaviorKinds =
               ODataUndeclaredPropertyBehaviorKinds.SupportUndeclaredValueProperty;
        }
    }

    public async Task<ActionResult> SomeMethod(string objectId)
    {
        User user = null;
        try
        {
            // forma normal
            ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient();
            // #adicional
            client.Context
                  .Configurations.RequestPipeline
                  .OnMessageWriterSettingsCreated(UndeclaredPropertyHandler);
            // #adicional

答案 1 :(得分:0)

看起来有一种方法可以通过Graph API实现这一点......它看起来不像扩展AD DS架构......但是Azure AD看起来并不像那样。

http://blogs.msdn.com/b/aadgraphteam/archive/2013/06/24/extending-the-windows-azure-graph-using-the-windows-azure-graph-store.aspx

那篇文章有更多信息...

相关问题
最新问题