创建 AD 用户并同时添加到组?

Create AD user and add to group at the same time?

我知道如何创建 AD B2C 用户,以及如何通过图表将他们添加到组中 API。我正在我的 Azure 函数中执行此操作。我想知道的是,是否可以同时创建用户并将他们添加到组中?如果没有,那么我想我将不得不处理创建用户但未能添加到组中的潜在情况。这种情况的可能性有多大?我正在努力确保涵盖所有故障情况的所有基础,因此我们将不胜感激。谢谢。

您似乎想对这些类型的请求使用 Batch Processing

这是他们 post 在文章中提出的示例请求: 以下示例显示了包含五个项目的批处理请求:

  1. 创建用户 testuser@contoso.onmicrosoft.com (POST) 的变更集。此操作包括 Prefer: response-no-content header 以抑制返回新创建的用户。
  2. 更新新用户 (PATCH) 的 Department 和 Job Title 属性并设置其经理导航 属性 (PUT) 的更改集。
  3. 查询新用户的管理员 (GET)。
  4. 删除新用户 (DELETE) 的更改集。
  5. 用户查询 (GET)。此操作将失败,因为用户已在上一步中删除。

    POST https://graph.windows.net/contoso.onmicrosoft.com/$batch?api-version=1.5 HTTP/1.1
    Authorization: Bearer ey … jQA
    Content-Type: multipart/mixed; boundary=batch_36522ad7-fc75-4b56-8c71-56071383e77b 
    Host: graph.windows.net
    Content-Length: 2961
    
    --batch_36522ad7-fc75-4b56-8c71-56071383e77b 
    Content-Type: multipart/mixed; boundary=changeset_77162fcd-b8da-41ac-a9f8-9357efbbd620 
    Content-Length: 631       
    
    --changeset_77162fcd-b8da-41ac-a9f8-9357efbbd620 
    Content-Type: application/http 
    Content-Transfer-Encoding: binary 
    
    POST /contoso.onmicrosoft.com/users?api-version=1.5 HTTP/1.1
    Content-Type: application/json
    Accept: application/json
    Content-Length: 256
    Prefer: return-no-content
    Host: graph.windows.net
    
    {
        "accountEnabled": true,
        "displayName": "Test User",
        "mailNickname": "testuser",
        "passwordProfile": { "password" : "Test1234", "forceChangePasswordNextLogin": false },
        "userPrincipalName": "testuser@contoso.onmicrosoft.com"
    }
    
    --changeset_77162fcd-b8da-41ac-a9f8-9357efbbd620----batch_36522ad7-fc75-4b56-8c71-56071383e77b 
    Content-Type: multipart/mixed; boundary=changeset_4b2cbfb7-011d-4edb-8bbf-e044f9830aaf 
    Content-Length: 909
    
    --changeset_4b2cbfb7-011d-4edb-8bbf-e044f9830aaf 
    Content-Type: application/http 
    Content-Transfer-Encoding: binary 
    
    PATCH /contoso.onmicrosoft.com/users/testuser@contoso.onmicrosoft.com?api-version=1.5 HTTP/1.1
    Content-Type: application/json
    Accept: application/json
    Content-Length: 72
    Host: graph.windows.net
    
    {
        "department": "Engineering",
        "jobTitle": "Test Engineer"
    }
    
    --changeset_4b2cbfb7-011d-4edb-8bbf-e044f9830aaf 
    Content-Type: application/http 
    Content-Transfer-Encoding: binary 
    
    PUT /contoso.onmicrosoft.com/users/testuser@contoso.onmicrosoft.com/$links/manager?api-version=1.5 HTTP/1.1
    Content-Type: application/json
    Accept: application/json
    Content-Length: 112
    Host: graph.windows.net
    
    {
      "url":"https://graph.windows.net/contoso.onmicrosoft.com/users/a71e4d1c-ce99-40dc-8d4b-390eac63e039"
    }
    
    --changeset_4b2cbfb7-011d-4edb-8bbf-e044f9830aaf----batch_36522ad7-fc75-4b56-8c71-56071383e77b 
    Content-Type: application/http 
    Content-Transfer-Encoding:binary
    
    GET /contoso.onmicrosoft.com/users/testuser@contoso.onmicrosoft.com/$links/manager?api-version=1.5 HTTP/1.1
    Accept: application/json
    Host: graph.windows.net
    
    --batch_36522ad7-fc75-4b56-8c71-56071383e77b 
    Content-Type: multipart/mixed; boundary=changeset_9a0b5878-0f4a-4f57-91c5-9792cdd5ef20 
    Content-Length: 331       
    
    --changeset_9a0b5878-0f4a-4f57-91c5-9792cdd5ef20 
    Content-Type: application/http 
    Content-Transfer-Encoding: binary 
    
    DELETE /contoso.onmicrosoft.com/users/testuser@contoso.onmicrosoft.com?api-version=1.5 HTTP/1.1
    Accept: application/json
    Host: graph.windows.net
    
    
    --changeset_9a0b5878-0f4a-4f57-91c5-9792cdd5ef20----batch_36522ad7-fc75-4b56-8c71-56071383e77b 
    Content-Type: application/http 
    Content-Transfer-Encoding:binary
    
    GET /contoso.onmicrosoft.com/users/testuser@contoso.onmicrosoft.com?api-version=1.5 HTTP/1.1
    Accept: application/json
    Host: graph.windows.net
    
    --batch_36522ad7-fc75-4b56-8c71-56071383e77b--