控制对 Office 365 组的外部访问
Control external access pr Office 365 groups
是否可以从 c# enable/disable 外部访问 pr 365 组。我可以看到某些 PowerShell cmd 有一个名为 AllowGuestsUsers 的 属性,但我在 Microsoft Graph 或类似软件中找不到任何内容?
这些设置通过 Microsoft Graph group settings 进行管理。可以设置设置tenant-wide(影响所有组),也可以针对特定组设置(只影响该组)。
下面是几个使用 Microsoft Graph SDK for .NET 的示例来说明如何更改这些设置:
禁止来宾用户访问 Office 365 组
下面的示例更新了 Office 365 组中来宾用户的 tenant-wide 设置,以禁止添加来宾用户,并禁止现有来宾用户访问组内容。它大致相当于 Use PowerShell to control guest access.
中描述的步骤
var groupSettingsName = "Group.Unified";
// Get the group settings
var groupSettingsResult = await graph.GroupSettings.Request().GetAsync();
var groupSettings = groupSettingsResult
.FirstOrDefault(s => s.DisplayName == groupSettingsName);
// If these settings don't exist, add them (with their default values)
if (groupSettings == null)
{
// Get the settings template
var groupSettingsTemplates = await graph.GroupSettingTemplates.Request().GetAsync();
var unifiedGroupSettingTemplate = groupSettingsTemplates
.First(g => g.DisplayName == groupSettingsName);
// Create a new setting based on the template
var newGroupSettings = new GroupSetting()
{
TemplateId = unifiedGroupSettingTemplate.Id,
Values = unifiedGroupSettingTemplate.Values.Select(
v => new SettingValue()
{
Name = v.Name,
Value = v.DefaultValue
})
};
// Create the settings
groupSettings = await graph.GroupSettings.Request().AddAsync(newGroupSettings);
}
// Update settings (if needed)
var settings = groupSettings.Values.ToDictionary(x => x.Name, x => x);
if (settings["AllowToAddGuests"].Value.ToLower() != "false"
|| settings["AllowGuestsToAccessGroups"].Value.ToLower() != "false")
{
settings["AllowGuestsToAccessGroups"].Value = "false";
settings["AllowToAddGuests"].Value = "false";
await graph.GroupSettings[groupSettings.Id].Request()
.UpdateAsync(new GroupSetting() { Values = settings.Values });
}
禁止将来宾用户添加到特定的 Office 365 组
在下面的示例中,我们在特定 组上设置了一项设置,以禁止将其他来宾用户添加到该组。
var groupGuestSettingsName = "Group.Unified.Guest";
// Get the group in question
var groupResult = await graph.Groups.Request()
.Filter("displayName eq 'Test_Office365_group'").GetAsync();
var group = groupResult.First();
// Get the group's settings relating to guests
var groupSettingsResult = await graph.Groups[group.Id].Settings.Request().GetAsync();
var groupSettings = groupSettingsResult
.FirstOrDefault(s => s.DisplayName == groupGuestSettingsName);
// If these settings don't exist on the group, add them (with their default values)
if (groupSettings == null)
{
// Get the settings template
var groupSettingsTemplates = await graph.GroupSettingTemplates.Request().GetAsync();
var unifiedGroupGuestSettingTemplate = groupSettingsTemplates
.First(g => g.DisplayName == groupGuestSettingsName);
// Create a new group setting based on the template
var newGroupSettings = new GroupSetting()
{
TemplateId = unifiedGroupGuestSettingTemplate.Id,
Values = unifiedGroupGuestSettingTemplate.Values.Select(
v => new SettingValue()
{
Name = v.Name,
Value = v.DefaultValue
})
};
// Add these settings to the group
groupSettings = await graph.Groups[group.Id].Settings.Request().AddAsync(newGroupSettings);
}
// Change AllowToAddGuests setting to false, if needed
var settings = groupSettings.Values.ToDictionary(x => x.Name, x => x);
if (settings["AllowToAddGuests"].Value.ToLower() != "false")
{
settings["AllowToAddGuests"].Value = "False";
await graph.GroupSettings[groupSettings.Id].Request()
.UpdateAsync(new GroupSetting() { Values = settings.Values });
}
是否可以从 c# enable/disable 外部访问 pr 365 组。我可以看到某些 PowerShell cmd 有一个名为 AllowGuestsUsers 的 属性,但我在 Microsoft Graph 或类似软件中找不到任何内容?
这些设置通过 Microsoft Graph group settings 进行管理。可以设置设置tenant-wide(影响所有组),也可以针对特定组设置(只影响该组)。
下面是几个使用 Microsoft Graph SDK for .NET 的示例来说明如何更改这些设置:
禁止来宾用户访问 Office 365 组
下面的示例更新了 Office 365 组中来宾用户的 tenant-wide 设置,以禁止添加来宾用户,并禁止现有来宾用户访问组内容。它大致相当于 Use PowerShell to control guest access.
中描述的步骤var groupSettingsName = "Group.Unified";
// Get the group settings
var groupSettingsResult = await graph.GroupSettings.Request().GetAsync();
var groupSettings = groupSettingsResult
.FirstOrDefault(s => s.DisplayName == groupSettingsName);
// If these settings don't exist, add them (with their default values)
if (groupSettings == null)
{
// Get the settings template
var groupSettingsTemplates = await graph.GroupSettingTemplates.Request().GetAsync();
var unifiedGroupSettingTemplate = groupSettingsTemplates
.First(g => g.DisplayName == groupSettingsName);
// Create a new setting based on the template
var newGroupSettings = new GroupSetting()
{
TemplateId = unifiedGroupSettingTemplate.Id,
Values = unifiedGroupSettingTemplate.Values.Select(
v => new SettingValue()
{
Name = v.Name,
Value = v.DefaultValue
})
};
// Create the settings
groupSettings = await graph.GroupSettings.Request().AddAsync(newGroupSettings);
}
// Update settings (if needed)
var settings = groupSettings.Values.ToDictionary(x => x.Name, x => x);
if (settings["AllowToAddGuests"].Value.ToLower() != "false"
|| settings["AllowGuestsToAccessGroups"].Value.ToLower() != "false")
{
settings["AllowGuestsToAccessGroups"].Value = "false";
settings["AllowToAddGuests"].Value = "false";
await graph.GroupSettings[groupSettings.Id].Request()
.UpdateAsync(new GroupSetting() { Values = settings.Values });
}
禁止将来宾用户添加到特定的 Office 365 组
在下面的示例中,我们在特定 组上设置了一项设置,以禁止将其他来宾用户添加到该组。
var groupGuestSettingsName = "Group.Unified.Guest";
// Get the group in question
var groupResult = await graph.Groups.Request()
.Filter("displayName eq 'Test_Office365_group'").GetAsync();
var group = groupResult.First();
// Get the group's settings relating to guests
var groupSettingsResult = await graph.Groups[group.Id].Settings.Request().GetAsync();
var groupSettings = groupSettingsResult
.FirstOrDefault(s => s.DisplayName == groupGuestSettingsName);
// If these settings don't exist on the group, add them (with their default values)
if (groupSettings == null)
{
// Get the settings template
var groupSettingsTemplates = await graph.GroupSettingTemplates.Request().GetAsync();
var unifiedGroupGuestSettingTemplate = groupSettingsTemplates
.First(g => g.DisplayName == groupGuestSettingsName);
// Create a new group setting based on the template
var newGroupSettings = new GroupSetting()
{
TemplateId = unifiedGroupGuestSettingTemplate.Id,
Values = unifiedGroupGuestSettingTemplate.Values.Select(
v => new SettingValue()
{
Name = v.Name,
Value = v.DefaultValue
})
};
// Add these settings to the group
groupSettings = await graph.Groups[group.Id].Settings.Request().AddAsync(newGroupSettings);
}
// Change AllowToAddGuests setting to false, if needed
var settings = groupSettings.Values.ToDictionary(x => x.Name, x => x);
if (settings["AllowToAddGuests"].Value.ToLower() != "false")
{
settings["AllowToAddGuests"].Value = "False";
await graph.GroupSettings[groupSettings.Id].Request()
.UpdateAsync(new GroupSetting() { Values = settings.Values });
}