/// <summary> /// Verifies that the Azure Active Directory user or group exists, and will get the object id if it is not set. /// </summary> /// <param name="displayName">Azure Active Directory user or group display name</param> /// <param name="objectId">Azure Active Directory user or group object id</param> /// <returns></returns> protected ServerAdministratorCreateOrUpdateProperties GetActiveDirectoryInformation(string displayName, Guid objectId) { // Gets the default Tenant id for the subscriptions Guid tenantId = GetTenantId(); // Check for a Azure Active Directory group. Recommended to always use group. IEnumerable <MicrosoftAzureCommandsResourcesModelsActiveDirectory.PSADGroup> groupList = null; var filter = new MicrosoftAzureCommandsResourcesModelsActiveDirectory.ADObjectFilterOptions() { Id = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null, SearchString = displayName, Paging = true, }; // Get a list of groups from Azure Active Directory groupList = ActiveDirectoryClient.FilterGroups(filter).Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase)); if (groupList.Count() > 1) { // More than one group was found with that display name. throw new ArgumentException(string.Format(Resources.ADGroupMoreThanOneFound, displayName)); } else if (groupList.Count() == 1) { // Only one group was found. Get the group display name and object id var group = groupList.First(); // Only support Security Groups if (group.SecurityEnabled.HasValue && !group.SecurityEnabled.Value) { throw new ArgumentException(string.Format(Resources.InvalidADGroupNotSecurity, displayName)); } return(new ServerAdministratorCreateOrUpdateProperties() { Login = group.DisplayName, Sid = group.Id, TenantId = tenantId, }); } // No group was found. Check for a user filter = new MicrosoftAzureCommandsResourcesModelsActiveDirectory.ADObjectFilterOptions() { Id = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null, SearchString = displayName, Paging = true, }; // Get a list of user from Azure Active Directory var userList = ActiveDirectoryClient.FilterUsers(filter).Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase)); // No user was found. Check if the display name is a UPN if (userList == null || userList.Count() == 0) { // Check if the display name is the UPN filter = new MicrosoftAzureCommandsResourcesModelsActiveDirectory.ADObjectFilterOptions() { Id = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null, UPN = displayName, Paging = true, }; userList = ActiveDirectoryClient.FilterUsers(filter).Where(gr => string.Equals(gr.UserPrincipalName, displayName, StringComparison.OrdinalIgnoreCase)); } // No user was found if (userList == null || userList.Count() == 0) { throw new ArgumentException(string.Format(Resources.ADObjectNotFound, displayName)); } else if (userList.Count() > 1) { // More than one user was found. throw new ArgumentException(string.Format(Resources.ADUserMoreThanOneFound, displayName)); } else { // Only one user was found. Get the user display name and object id var obj = userList.First(); return(new ServerAdministratorCreateOrUpdateProperties() { Login = displayName, Sid = obj.Id, TenantId = tenantId, }); } }
/// <summary> /// Verifies that the Azure Active Directory user or group exists, and will get the object id if it is not set. /// </summary> /// <param name="displayName">Azure Active Directory user or group display name</param> /// <param name="objectId">Azure Active Directory user or group object id</param> /// <returns></returns> protected ServerAdministratorCreateOrUpdateProperties GetActiveDirectoryInformation(string displayName, Guid objectId) { // Gets the default Tenant id for the subscriptions Guid tenantId = GetTenantId(); // Check for a Azure Active Directory group. Recommended to always use group. IEnumerable<MicrosoftAzureCommandsResourcesModelsActiveDirectory.PSADGroup> groupList = null; var filter = new MicrosoftAzureCommandsResourcesModelsActiveDirectory.ADObjectFilterOptions() { Id = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null, SearchString = displayName, Paging = true, }; // Get a list of groups from Azure Active Directory groupList = ActiveDirectoryClient.FilterGroups(filter).Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase)); if (groupList.Count() > 1) { // More than one group was found with that display name. throw new ArgumentException(string.Format(Resources.ADGroupMoreThanOneFound, displayName)); } else if (groupList.Count() == 1) { // Only one group was found. Get the group display name and object id var group = groupList.First(); // Only support Security Groups if (group.SecurityEnabled.HasValue && !group.SecurityEnabled.Value) { throw new ArgumentException(string.Format(Resources.InvalidADGroupNotSecurity, displayName)); } return new ServerAdministratorCreateOrUpdateProperties() { Login = group.DisplayName, Sid = group.Id, TenantId = tenantId, }; } // No group was found. Check for a user filter = new MicrosoftAzureCommandsResourcesModelsActiveDirectory.ADObjectFilterOptions() { Id = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null, SearchString = displayName, Paging = true, }; // Get a list of user from Azure Active Directory var userList = ActiveDirectoryClient.FilterUsers(filter).Where(gr => string.Equals(gr.DisplayName, displayName, StringComparison.OrdinalIgnoreCase)); // No user was found. Check if the display name is a UPN if (userList == null || userList.Count() == 0) { // Check if the display name is the UPN filter = new MicrosoftAzureCommandsResourcesModelsActiveDirectory.ADObjectFilterOptions() { Id = (objectId != null && objectId != Guid.Empty) ? objectId.ToString() : null, UPN = displayName, Paging = true, }; userList = ActiveDirectoryClient.FilterUsers(filter).Where(gr => string.Equals(gr.UserPrincipalName, displayName, StringComparison.OrdinalIgnoreCase)); } // No user was found if (userList == null || userList.Count() == 0) { throw new ArgumentException(string.Format(Resources.ADObjectNotFound, displayName)); } else if (userList.Count() > 1) { // More than one user was found. throw new ArgumentException(string.Format(Resources.ADUserMoreThanOneFound, displayName)); } else { // Only one user was found. Get the user display name and object id var obj = userList.First(); return new ServerAdministratorCreateOrUpdateProperties() { Login = displayName, Sid = obj.Id, TenantId = tenantId, }; } }