如何使用 GraphServiceClient c# 创建 AD 嵌套组?
How to create AD nested groups using GraphServiceClient c#?
是否可以使用 Graph API 客户端在 Azure AD 中创建嵌套组:
在 C# 创建组的步骤中，可以使用 AdditionalData 添加成员。
The example creates a Security group with an owner and members
specified. Note that a maximum of 20 relationships, such as owners and
members, can be added as part of group creation.
// Build an MSAL confidential client for app-only (client-credentials) auth.
// clientId, tenantID and clientSecret are supplied from outside this snippet.
// Keep the secret out of source control (load it from configuration or a
// secret store); a certificate credential is an alternative to a shared secret.
ConfidentialClientApplicationBuilder appBuilder = ConfidentialClientApplicationBuilder.Create(clientId);
IConfidentialClientApplication confidentialClientApplication = appBuilder
    .WithTenantId(tenantID)
    .WithClientSecret(clientSecret)
    .Build();

// Wrap the MSAL application in an auth provider and hand it to the Graph client.
// NOTE(review): ClientCredentialProvider comes from the Microsoft.Graph.Auth
// package - confirm it is still supported for the SDK version in use.
// The app registration needs an application permission that allows creating
// groups (for example Group.Create or Group.ReadWrite.All); grant the
// narrowest one that works.
var authProvider = new ClientCredentialProvider(confidentialClientApplication);
var graphClient = new GraphServiceClient(authProvider);
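// Create group B and add members (user-id1 and user-id2) in the same request.
// {id1} and {id2} are placeholders for the users' object ids.
// At most 20 relationships (owners and members) can be bound at creation time.
var groupBMembers = new List<string>
{
    "https://graph.microsoft.com/v1.0/users/{id1}",
    "https://graph.microsoft.com/v1.0/users/{id2}"
};

// Fix: the original indexed an undeclared variable `additionalData`; the member
// list is now built first and stored under the OData bind key directly, which
// also removes the unchecked `as List<string>` cast.
var additionalDataGroupB = new Dictionary<string, object>()
{
    { "members@odata.bind", groupBMembers }
};

var groupB = new Group
{
    Description = "Group B",
    DisplayName = "PamelaGroupB",
    // Empty GroupTypes plus SecurityEnabled = true gives a plain security group.
    GroupTypes = new List<String>(),
    MailEnabled = false,
    MailNickname = "operations2019",
    SecurityEnabled = true,
    AdditionalData = additionalDataGroupB
};

// AddAsync returns the created group; its Id is needed to nest it under group A.
Group groupBRequest = await graphClient.Groups.Request().AddAsync(groupB);
string groupB_id = groupBRequest.Id;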
// Create group C
// The creation code is elided in the original answer; the line below reads
// groupCRequest, so the elided part must declare it (presumably the result of
// AddAsync for group C, built like group B - confirm).
......
string groupC_id = groupCRequest.Id;
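// Create group A and add groups B and C as its members (the nesting step).
// Members are referenced by their directory-object URLs, built from the ids
// returned when B and C were created.
var groupAMembers = new List<string>
{
    "https://graph.microsoft.com/v1.0/groups/" + groupB_id,
    "https://graph.microsoft.com/v1.0/groups/" + groupC_id
};

// Fix: the original indexed an undeclared variable `additionalData`; the member
// list is now built first and stored under the OData bind key directly, which
// also removes the unchecked `as List<string>` cast.
var additionalDataGroupA = new Dictionary<string, object>()
{
    { "members@odata.bind", groupAMembers }
};

var groupA = new Group
{
    Description = "Group A",
    DisplayName = "PamelaGroupA",
    // Empty GroupTypes plus SecurityEnabled = true gives a plain security group.
    GroupTypes = new List<String>(),
    MailEnabled = false,
    MailNickname = "XXXXX", // placeholder from the original answer
    SecurityEnabled = true,
    AdditionalData = additionalDataGroupA
};

// NOTE(review): access later assigned to group A may extend transitively to the
// members of B and C - check how each consuming service treats nested groups
// before granting roles or resource access to A.
await graphClient.Groups.Request().AddAsync(groupA);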
是否可以使用 Graph API 客户端在 Azure AD 中创建嵌套组:
在 C# 创建组的步骤中，可以使用 AdditionalData 添加成员。
The example creates a Security group with an owner and members specified. Note that a maximum of 20 relationships, such as owners and members, can be added as part of group creation.
// Build an MSAL confidential client for app-only (client-credentials) auth.
// clientId, tenantID and clientSecret are supplied from outside this snippet.
// Keep the secret out of source control (load it from configuration or a
// secret store); a certificate credential is an alternative to a shared secret.
ConfidentialClientApplicationBuilder appBuilder = ConfidentialClientApplicationBuilder.Create(clientId);
IConfidentialClientApplication confidentialClientApplication = appBuilder
    .WithTenantId(tenantID)
    .WithClientSecret(clientSecret)
    .Build();

// Wrap the MSAL application in an auth provider and hand it to the Graph client.
// NOTE(review): ClientCredentialProvider comes from the Microsoft.Graph.Auth
// package - confirm it is still supported for the SDK version in use.
// The app registration needs an application permission that allows creating
// groups (for example Group.Create or Group.ReadWrite.All); grant the
// narrowest one that works.
var authProvider = new ClientCredentialProvider(confidentialClientApplication);
var graphClient = new GraphServiceClient(authProvider);
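// Create group B and add members (user-id1 and user-id2) in the same request.
// {id1} and {id2} are placeholders for the users' object ids.
// At most 20 relationships (owners and members) can be bound at creation time.
var groupBMembers = new List<string>
{
    "https://graph.microsoft.com/v1.0/users/{id1}",
    "https://graph.microsoft.com/v1.0/users/{id2}"
};

// Fix: the original indexed an undeclared variable `additionalData`; the member
// list is now built first and stored under the OData bind key directly, which
// also removes the unchecked `as List<string>` cast.
var additionalDataGroupB = new Dictionary<string, object>()
{
    { "members@odata.bind", groupBMembers }
};

var groupB = new Group
{
    Description = "Group B",
    DisplayName = "PamelaGroupB",
    // Empty GroupTypes plus SecurityEnabled = true gives a plain security group.
    GroupTypes = new List<String>(),
    MailEnabled = false,
    MailNickname = "operations2019",
    SecurityEnabled = true,
    AdditionalData = additionalDataGroupB
};

// AddAsync returns the created group; its Id is needed to nest it under group A.
Group groupBRequest = await graphClient.Groups.Request().AddAsync(groupB);
string groupB_id = groupBRequest.Id;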
// Create group C
// The creation code is elided in the original answer; the line below reads
// groupCRequest, so the elided part must declare it (presumably the result of
// AddAsync for group C, built like group B - confirm).
......
string groupC_id = groupCRequest.Id;
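// Create group A and add groups B and C as its members (the nesting step).
// Members are referenced by their directory-object URLs, built from the ids
// returned when B and C were created.
var groupAMembers = new List<string>
{
    "https://graph.microsoft.com/v1.0/groups/" + groupB_id,
    "https://graph.microsoft.com/v1.0/groups/" + groupC_id
};

// Fix: the original indexed an undeclared variable `additionalData`; the member
// list is now built first and stored under the OData bind key directly, which
// also removes the unchecked `as List<string>` cast.
var additionalDataGroupA = new Dictionary<string, object>()
{
    { "members@odata.bind", groupAMembers }
};

var groupA = new Group
{
    Description = "Group A",
    DisplayName = "PamelaGroupA",
    // Empty GroupTypes plus SecurityEnabled = true gives a plain security group.
    GroupTypes = new List<String>(),
    MailEnabled = false,
    MailNickname = "XXXXX", // placeholder from the original answer
    SecurityEnabled = true,
    AdditionalData = additionalDataGroupA
};

// NOTE(review): access later assigned to group A may extend transitively to the
// members of B and C - check how each consuming service treats nested groups
// before granting roles or resource access to A.
await graphClient.Groups.Request().AddAsync(groupA);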