创建具有组类型的Azure AD组，“统一”并“动态成员” Azure Powershell功能失败

发布于 2025-01-23 05:57:37 字数 1733 浏览 0 评论 0 原文

我正在使用 Moudule，在此帮助的帮助下，我试图创建一个类型的“统一”和“ DynamicMembership”类型的组。

因此，根据Microsoft Doc，这是我使用过的命令

Import-Module AzureADPreview -UseWindowsPowerShell

$tenantId = <my tenant id>
$clientId = <my client id>
$thumbprint = <my thumbprint>

Connect-AzureAD -TenantId $tenantId -ApplicationId $clientId -CertificateThumbprint $thumbprint

New-AzureADMSGroup -Description $description -DisplayName `
$displayName -MailEnabled $true -SecurityEnabled $true `
-MailNickname $nickName -GroupTypes "DynamicMembership", "Unified"
-MembershipRule '(user.department -contains "tech")' -MembershipRuleProcessingState $true

，但是我在Groptypes错误中始终获得无效的值。

在一种非常不同的方法中，我尝试首先使用统一类型创建组，然后重新查询同一组，并将Groutype添加到“ DynamicMembership”中，我希望它能起作用，但这也不是不起作用的t有任何区别。

就像这样 -

New-AzureADMSGroup -Description $description -DisplayName `
    $displayName -MailEnabled $true -SecurityEnabled $true `
    -MailNickname $nickName -GroupTypes "Unified"

$grp = Get-AzureADMSGroup -SearchString $displayName

if($grp -ne $null)
{
   [System.Collections.ArrayList]$groupTypes = $grp.GroupTypes
   $groupTypes.Add($dynamicGroupTypes)
    
   Set-AzureAdMsGroup -Id $grp.Id `
   -GroupTypes $dynamicGroupTypes `
   -MembershipRuleProcessingState "On" `
   -MembershipRule $memberShipRule
}

您能告诉我我做错了什么，这在Windows PowerShell中工作正常。我无法理解有关该杂种的畸形。

原文

I am using AzureAdPreview moudule and with the help of this I am trying to create a group with types "Unified" as well as "DynamicMembership".

So as per microsoft doc this is the command I have used

Import-Module AzureADPreview -UseWindowsPowerShell

$tenantId = <my tenant id>
$clientId = <my client id>
$thumbprint = <my thumbprint>

Connect-AzureAD -TenantId $tenantId -ApplicationId $clientId -CertificateThumbprint $thumbprint

New-AzureADMSGroup -Description $description -DisplayName `
$displayName -MailEnabled $true -SecurityEnabled $true `
-MailNickname $nickName -GroupTypes "DynamicMembership", "Unified"
-MembershipRule '(user.department -contains "tech")' -MembershipRuleProcessingState $true

But I am getting always invalid value provided in grouptypes error.

In an sligtly different approach, I have tried creating the group first with unified type, and then queried back the same group and appended grouptype to "DynamicMembership",I expected that to work but that also didn't make any difference.

Just like this -

New-AzureADMSGroup -Description $description -DisplayName `
    $displayName -MailEnabled $true -SecurityEnabled $true `
    -MailNickname $nickName -GroupTypes "Unified"

$grp = Get-AzureADMSGroup -SearchString $displayName

if($grp -ne $null)
{
   [System.Collections.ArrayList]$groupTypes = $grp.GroupTypes
   $groupTypes.Add($dynamicGroupTypes)
    
   Set-AzureAdMsGroup -Id $grp.Id `
   -GroupTypes $dynamicGroupTypes `
   -MembershipRuleProcessingState "On" `
   -MembershipRule $memberShipRule
}

Can you tell what I am doing wrong, this is working fine in a windows powershell. I am not able to understand what is malformed about that grouptypes.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

黎歌 2025-01-30 05:57:37

•您正在使用Azure函数中使用PowerShell命令来创建“统一”和“动态”组的命令中的一些基本错误。 Azure函数中的命令执行涉及仅使用'azureadpreview'模块。因此，您将必须从安装在PowerShell中的模块列表中卸载并删除“ Azuread” 模块。为此，请先执行以下命令： -

  Remove-Module AzureAD -ErrorAction SilentlyContinue

完成后，像您在所述命令中所做的那样，安装AzureadPreview Module 。然后，像您一样执行'Connect-azuread'命令。然后，按照我从头到尾执行我的执行，执行我在下面所述执行的命令。请不要忘记声明您在问题描述中所做的其他变量，'client ID'，'tenant id'和'thumbprint'： -

   $tenantId = 'my tenant id'
   $clientId = 'my client id'
   $thumbprint = 'my thumbprint'
   $description = ‘Description of the group’
   $displayName = ‘Display Name to be given’
   $nickName = ‘Any name of the group’

   Connect-AzureAD -TenantId $tenantId -ApplicationId $clientId -CertificateThumbprint $thumbprint

   New-AzureADMSGroup -Description $description -DisplayName $displayName -MailEnabled $true -SecurityEnabled $true -MailNickname $nickName -GroupTypes "DynamicMembership", "Unified" -MembershipRule “(user.department -contains “"tech"”)” -MembershipRuleProcessingState “On”

一旦按原样执行上述命令，命令将在Azure函数中成功执行，而不会出现任何错误或问题。

• You are making some basic mistakes in the command that you are using for creating a ‘Unified’ and ‘Dynamic’ group through using powershell command in the Azure function. The command execution in Azure function involves the use of ‘AzureADPreview’ module only. Thus, you will have to uninstall and remove the ‘AzureAD’ module from your list of modules installed in powershell. For this purpose, execute the below command first: -

  Remove-Module AzureAD -ErrorAction SilentlyContinue

Once done, then install the AzureADPreview module as you have done in your stated command. Then, execute the ‘Connect-AzureAD’ command as you have done. Then, execute the command as stated by me below for errorless execution as it is from start to end. Please do not forget to declare the other variables that you did in your question description for ‘Client ID’, ‘Tenant ID’ and ‘Thumbprint’: -

   $tenantId = 'my tenant id'
   $clientId = 'my client id'
   $thumbprint = 'my thumbprint'
   $description = ‘Description of the group’
   $displayName = ‘Display Name to be given’
   $nickName = ‘Any name of the group’

   Connect-AzureAD -TenantId $tenantId -ApplicationId $clientId -CertificateThumbprint $thumbprint

   New-AzureADMSGroup -Description $description -DisplayName $displayName -MailEnabled $true -SecurityEnabled $true -MailNickname $nickName -GroupTypes "DynamicMembership", "Unified" -MembershipRule “(user.department -contains “"tech"”)” -MembershipRuleProcessingState “On”

Once the above command is executed as it is, your command will be executed successfully in Azure function without any error or issue.

回复收藏 0 原文

~没有更多了~