在 Azure Powershell 中添加组成员

问题描述 投票:0回答:1

我正在尝试编写一个脚本来在 PowerShell 的组中添加成员,我写的下面的脚本对我来说似乎是正确的,但它不起作用。请帮助

   $grpname = Read-Host "Please enter group name:"
   $group = Get-AzureADGroup -filter "DisplayName eq '$grpname'"
   $groupId = $group.ObjectId

   $job = Read-Host "Please enter Job title:"
   $userjob = Get-AzADUser -filter "Jobtitle eq '$job'"
   $userId = $userjob.Id

   foreach ($userId in $userIds) {
   Add-AzureADGroupMember -ObjectId $groupId -RefObjectId $userId
   }
   Write-Output " You can see bellow members of ($grpname) : "
   Get-AzureADGroupMember -ObjectId "$groupId"
powershell azure-active-directory azure-powershell
1个回答
0
投票

除了 Halfix 在他们的评论中提到的,您的代码没有什么特别的错误,唯一可能发生的事情是没有发现用户的 

jobTitle
等于 
$job
中的用户输入。另外,您应该将代码迁移到 Graph 模块,因为 AzureAD 模块将很快被弃用:

以下是使用 Graph Cmdlet 时代码的外观:

$grpname = Read-Host "Please enter group name"
$group = Get-MgGroup -Filter "DisplayName eq '$grpname'"

if(-not $group) {
    return "No group found with displayName '$grpName'"
}

if($group.Count -gt 1) {
    return "Multiple groups found with displayName '$grpName'"
}

$job = Read-Host "Please enter Job title"

$users = Get-MgUser -Filter "jobTitle eq '$job'"

if(-not $users) {
    return "No users found with jobTitle '$job'"
}

foreach($user in $users) {
    New-MgGroupMember -GroupId $group.Id -DirectoryObjectId $user.Id
}

"You can see bellow members of ($grpname):"
Get-MgGroupMember -GroupId $group.Id

执行此操作所需的权限是GroupMember.ReadWrite.All 和User.ReadWrite.All。请参阅 Graph API 文档的权限部分。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.