我正在研究一个Python脚本,该脚本从AD和Graph API(v1.0)中提取用户数据,以对遇到帐户问题(邮箱问题,配置等)的用户执行“运行状况检查”。
我目前正在寻找与PowerShell命令等效的图形:
Get-MsolUser -UserPrincipalName MAIL_ADDRESS@domain.com).errors[0].ErrorDetail.objecterrors.errorrecord.ErrorDescription
我花了一些时间搜索GraphAPI文档,甚至拨通了响应对象本身的模板,但是找不到除高级面值属性之外的任何返回的用户对象属性(诸如UPN,电话号码等。分机属性是我可以找到的仅有的远程深入属性,甚至还不是很详细。)
有人知道该Powershell命令的等效图吗,或者即使有其他方法可以从Exchange服务器中提取一些更深层次的用户对象数据,那也很棒!
答案 0 :(得分:0)
在下面的链接中,您可以找到可以在Azure AD上执行的操作的列表
要获取用户详细信息,可以从powershell调用以下api:
获取https://graph.windows.net/myorganization/users/ {user_id}?api版本
要从powershell调用它,您可以按照以下代码段进行操作,只需将下面的api网址替换为用户特定的网址即可。
$response = Invoke-WebRequest -Uri "https://main.b2cadmin.ext.azure.com/api/trustframework?tenantId=$AzureSubscriptionTenantId&overwriteIfExists=$overwriteIfExists" -Method POST -Body $strBody -ContentType "application/xml" -Headers $htHeaders -UseBasicParsing -ErrorAction SilentlyContinue
可以返回具有以下详细信息的json对象:
"odata.metadata": "https://graph.windows.net/myorganization/$metadata#directoryObjects/Microsoft.DirectoryServices.User/@Element",
"odata.type": "Microsoft.DirectoryServices.User",
"objectType": "User",
"objectId": "13addec1-c5ae-47f5-a1fe-202be14b1570",
"deletionTimestamp": null,
"accountEnabled": true,
"signInNames": [],
"assignedLicenses": [
{
"disabledPlans": [],
"skuId": "6fd2c87f-b296-42f0-b197-1e91e994b900"
}
],
"assignedPlans": [
{
"assignedTimestamp": "2014-10-14T02:54:04Z",
"capabilityStatus": "Enabled",
"service": "exchange",
"servicePlanId": "efb87545-963c-4e0d-99df-69c6916d9eb0"
},
{
"assignedTimestamp": "2014-10-14T02:54:04Z",
"capabilityStatus": "Enabled",
"service": "SharePoint",
"servicePlanId": "5dbe027f-2339-4123-9542-606e4d348a72"
},
{
"assignedTimestamp": "2014-10-14T02:54:04Z",
"capabilityStatus": "Enabled",
"service": "SharePoint",
"servicePlanId": "e95bec33-7c88-4a70-8e19-b10bd9d0c014"
},
{
"assignedTimestamp": "2014-10-14T02:54:04Z",
"capabilityStatus": "Enabled",
"service": "MicrosoftCommunicationsOnline",
"servicePlanId": "0feaeb32-d00e-4d66-bd5a-43b5b83db82c"
},
{
"assignedTimestamp": "2014-10-14T02:54:04Z",
"capabilityStatus": "Enabled",
"service": "MicrosoftOffice",
"servicePlanId": "43de0ff5-c92c-492b-9116-175376d08c38"
},
{
"assignedTimestamp": "2014-10-14T02:54:04Z",
"capabilityStatus": "Enabled",
"service": "RMSOnline",
"servicePlanId": "bea4c11e-220a-4e6d-8eb8-8ea15d019f90"
}
],
"city": "Tulsa",
"country": "United States",
"creationType": null,
"department": "Sales & Marketing",
"dirSyncEnabled": null,
"displayName": "Garth Fort",
"facsimileTelephoneNumber": null,
"givenName": "Garth",
"immutableId": null,
"jobTitle": "Web Marketing Manager",
"lastDirSyncTime": null,
"mail": "garthf@a830edad9050849NDA1.onmicrosoft.com",
"mailNickname": "garthf",
"mobile": null,
"onPremisesSecurityIdentifier": null,
"otherMails": [],
"passwordPolicies": "None",
"passwordProfile": null,
"physicalDeliveryOfficeName": "20/1101",
"postalCode": "74133",
"preferredLanguage": "en-US",
"provisionedPlans": [
{
"capabilityStatus": "Enabled",
"provisioningStatus": "Success",
"service": "exchange"
},
{
"capabilityStatus": "Enabled",
"provisioningStatus": "Success",
"service": "MicrosoftCommunicationsOnline"
},
{
"capabilityStatus": "Enabled",
"provisioningStatus": "Success",
"service": "SharePoint"
},
{
"capabilityStatus": "Enabled",
"provisioningStatus": "Success",
"service": "SharePoint"
},
{
"capabilityStatus": "Enabled",
"provisioningStatus": "Success",
"service": "MicrosoftOffice"
}
],
"provisioningErrors": [],
"proxyAddresses": [
"SMTP:garthf@a830edad9050849NDA1.onmicrosoft.com"
],
"sipProxyAddress": "garthf@a830edad9050849NDA1.onmicrosoft.com",
"state": "OK",
"streetAddress": "7633 E. 63rd Place, Suite 300",
"surname": "Fort",
"telephoneNumber": "+1 918 555 0101",
"usageLocation": "US",
"userPrincipalName": "garthf@a830edad9050849NDA1.onmicrosoft.com",
"userType": "Member"
}
这是用于调用相同api的python等效代码:
########### Python 2.7 #############
import httplib, urllib, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = httplib.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/users/{user_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
# OAuth2 is required to access this API. For more information visit: https://msdn.microsoft.com/en-us/office/office365/howto/common-app-authentication-tasks
headers = {
}
params = urllib.parse.urlencode({
# Specify values for the following required parameters
'api-version': '1.6',
})
try:
conn = http.client.HTTPSConnection('graph.windows.net')
# Specify values for path parameters (shown as {...}) and request body if needed
conn.request("GET", "/myorganization/users/{user_id}?%s" % params, "", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
希望这会帮助您找到想要的东西。 让我知道是否要从Powershell调用它,我可以为您提供命令帮助。