我会收到各种错误消息,具体取决于实现上述问题的各种尝试实现。这是我试图做的:
为用户创建分配组
//Get group object
$group = $graph->createRequest('GET', "/groups/xxxxx-xxxxx-xxxx-xxxx-xxxxx")
->setReturnType(Model\Group::class)
->execute();
$newUser = new Model\User();
$newUser->setGivenName($firstName);
$newUser->setSurname($surname);
$newUser->setUserPrincipalName($userPrincipalName.'@xxxxxx.com');
// $newUser->setUserType($userType);
// $newUser->setMySite($website);
$newUser->setPasswordProfile(["forceChangePasswordNextSignIn" => false,'password' => $pwd]);
$newUser->setDisplayName($firstName.' '.$surname);
$newUser->setMailNickname($firstName.$surname);
$newUser->setMemberOf([$group]);
$newUser->setAccountEnabled(true);
$user = $graph->createRequest($action, "/users")
->attachBody($newUser)
->setReturnType(Model\User::class)
->execute();
通过群组对象分配会员资格
//we get $user object from the last line above
$grp = $graph->createRequest('POST', "/groups/xxxxx-xxx-xxxx-xxxx-xxxxxxx/members/\$ref")
->attachBody(["@odata.id" => $graph->$_baseUrl.'/'.$graph->$_apiVersion.'/users/'.$user->id])
->setReturnType(Model\Group::class)
->execute();
以上策略均无效。我真的很感激指向我出错的地方。提前谢谢。
答案 0 :(得分:1)
我不确定是否支持您的第一种方法(在创建用户时将该组引用为memberOf的一部分)。
你的第二种方法有几个问题:
$graph->$_baseUrl和$graph->$_apiVersion,您试图引用$graph的私有属性,这是您无法做到的(因为它们是私有的)。有关visibility。id引用用户的$user->id属性。仅当$user具有名为id的公共属性(它没有)时,这才有效。相反,您需要为id使用getter:$user->getId()。可行的方法如下(这是您第二次尝试的轻微变化):
// Add $user as a member of $group
$newMemberRef = 'https://graph.microsoft.com/v1.0/users/' . $user->getId();
$groupMembersRef = '/groups/' . $group->getId() . '/members/$ref';
$response = $graph->createRequest('POST', $groupMembersRef)
->attachBody(['@odata.id' => $newMemberRef])
->execute();
(请注意,在这种情况下,我们引用user对象,但您也可以引用group对象,或者(更一般地)引用directoryObject对象。)