我试图通过组名列表从AAD中检索用户列表。
此代码:
var roleGroups = new string[] { "Group Name 1", "Group Name 2" };
ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient();
var users = client.Users.Where(u => u.CheckMemberGroupsAsync(roleGroups).Result.Any());
抛出:
在类型上声明的CheckMemberGroupsAsync ' Microsoft.Azure.ActiveDirectory.GraphClient.IDirectoryObject'不能 用类型实例调用 ' Microsoft.Azure.ActiveDirectory.GraphClient.Internal.User'
我也尝试过:
client.Users.Where(u =>((User)u).MemberOf.OfType<Group>()
.Any(g => roleGroups.Contains(g.DisplayName))).ExecuteAsync()
.Result.CurrentPage.Select(u => (User)u).ToList();
和
client.Users.Where(u => u.GetMemberGroupsAsync(null).Result.Any(g => roleGroups.Contains(g)));
抛出:
在类型上声明的GetMemberGroupsAsync &#39; Microsoft.Azure.ActiveDirectory.GraphClient.IDirectoryObject&#39;不能 用类型实例调用 &#39; Microsoft.Azure.ActiveDirectory.GraphClient.Internal.User&#39;
如何通过组名列表获取用户列表(Microsoft.Azure.ActiveDirectory.GraphClient.User)?
答案 0 :(得分:1)
我找到了一种方法。
var groupUsers = new List<User>();
foreach (var groupName in roleGroups)
{
var groups = client.Groups.Where(g => g.DisplayName == groupName).Expand(g => g.Members)
.ExecuteAsync()
.Result.CurrentPage.ToList();
var users = groups.SelectMany(g => g.Members.CurrentPage.Select(m => m as User)).Where(u => u != null);
if (users.Any())
{
groupUsers.AddRange(users);
}
}
但我仍然相信有更好的解决方案。
请注意Expand(g => g.Members)将返回最多20个对象。此外,如果Azure AD中有大量用户,则必须遍历所有页面,而不仅仅是g.Members.CurrentPage