none
如何通过Azure SDK for .Net来管理Azure AD中的用户 RRS feed

  • 问题

  • 问题如题,如何通过代码(SDK)的方式来管理Azure AD中的用户,以及如何和本地AD进行同步?

    2015年11月12日 8:19

全部回复

  • Hi,

    >>通过代码(SDK)的方式来管理Azure AD中的用户

    你可以尝试这个Sample code来实现Graph API来管理Azure AD中的用户: https://github.com/Azure-Samples/active-directory-dotnet-graphapi-web,例子中Web.config下面的部分请注意使用中国版的终结点,其他的部分按照说明找到它们的值。

     

    ida:AADInstance值为:https://login.chinacloudapi.cn/{0}

    ida:GraphUrl值为:https://graph.chinacloudapi.cn

    >>如何和本地AD进行同步?

    关于将本地标识与 Azure Active Directory 集成请阅读:

    http://www.windowsazure.cn/documentation/articles/active-directory-aadconnect/

    Best Regards,

    Jambor


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.



    2015年11月12日 9:16
    版主
  • Hi,

    这里的TenantId在哪里可以找到?

    2015年11月12日 9:24
  • 如下图点击“查看端点”,出现的Guid值就是TenantId。


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    2015年11月12日 9:32
    版主
  • Hi,

    以下是我的代码,运行时报了一个错,错误信息:

    {"odata.error":{"code":"Authentication_MissingOrMalformed","message":{"lang":"en","value":"Access Token missing or malformed."},"values":null}}

    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Web;
    using System.Web.Mvc;
    using Microsoft.IdentityModel.Clients.ActiveDirectory;
    using Microsoft.Azure.ActiveDirectory.GraphClient;
    using System.Threading.Tasks;
    using Microsoft.Azure.ActiveDirectory.GraphClient.Extensions;
    using System.Threading;
    
    namespace HuzcWebRole.Controllers
    {
        public class AzureADController : Controller
        {
            //public string token;
    
            // GET: AzureAD
            public ActionResult Index()
            {
                return View();
            }
    
            public async Task<string> AcquireTokenAsync()
            {
                string result = GetAuthorizationHeader();
                return result;
            }
    
            public async Task<ActionResult> SelectAzureADUser()
            {
                //UserInfo ui = new UserInfo();
                //Microsoft.WindowsAzure.Management.Compute.
                var userList = new List<User>();
                ActiveDirectoryClient client = new ActiveDirectoryClient(new Uri(new Uri("https://graph.chinacloudapi.cn/"), "{TenantId}"), async () => await AcquireTokenAsync());
    
                string s = string.Empty;
    
                IPagedCollection<IUser> pagedCollection = await client.Users.ExecuteAsync();
                if (pagedCollection != null)
                {
                    do
                    {
                        List<IUser> usersList = pagedCollection.CurrentPage.ToList();
                        foreach (IUser user in usersList)
                        {
                            userList.Add((User)user);
                        }
                        pagedCollection = await pagedCollection.GetNextPageAsync();
                    } while (pagedCollection != null);
                }
    
                return View();
            }
    
            private string GetAuthorizationHeader()
            {
                AuthenticationResult result = null;
                var context = new AuthenticationContext("https://login.chinacloudapi.cn/{applicationId}");
    
                var thread = new Thread(() =>
                {
                    result = context.AcquireToken("https://management.core.chinacloudapi.cn/", "{clientId}", new Uri("{redirectUrl}"));
                });
    
                thread.SetApartmentState(ApartmentState.STA);
                thread.Name = "AquireTokenThread";
                thread.Start();
                thread.Join();
                if (result == null)
                {
                    throw new InvalidOperationException("Failed to obtain the JWT token");
                }
    
                string token = result.AccessToken;
                return token;
            }
    
        }
    }
    我不知道问题出在哪里,希望你可以帮助我解答这个疑问。

    2015年11月12日 9:40
  • 从你的代码看不出明显的问题,可以将你的代码发送给我么,这将有助于我们还原问题,建议你新建一个临时的Azure AD以免重要的信息外露,我的邮箱是v-jayao at Microsoft.com.

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    2015年11月12日 9:46
    版主
  • Hi,

    代码已发送到您的邮件,其实我有个疑问,这里的TenantId是不是上面所指的那个applicationId

    2015年11月13日 2:05
  • 请注意查看邮件,希望能解决你的问题。

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    2015年11月13日 5:16
    版主