예제 #1
0
        public List <Tuple <string, IDirectoryObject> > GetAdGroupMembers(Group RetrievedGroup, IConfiguration Configuration, Logger Logger)
        {
            List <Tuple <string, IDirectoryObject> > DirectoryObjects = new List <Tuple <string, IDirectoryObject> >();

            if (RetrievedGroup.ObjectId != null)
            {
                IGroupFetcher retrievedGroupFetcher = RetrievedGroup;

                try
                {
                    ExpandADGroup(DirectoryObjects, retrievedGroupFetcher);
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error retrieving Group membership {0} {1}", ex.Message, ex.InnerException != null ? ex.InnerException.Message : "");
                    Logger.Error(String.Format("Error retrieving Group membership {0} {1}", ex.Message, ex.InnerException != null ? ex.InnerException.Message : ""));
                }

                return(DirectoryObjects);
            }
            else
            {
                return(DirectoryObjects);
            }
        }
예제 #2
0
        //public async Task GetUserAndAddToGrop(String userPrincipalName, Group group)
        //{
        //    User user = await this.GetUser(userPrincipalName);
        //    if(user!=null)
        //    {
        //        await this.AddUserToGroup(user, group);
        //    }
        //    return;
        //}

        private async Task <bool> CheckUserWhetherExsitADGroup(User user, Group group)
        {
            if (group.ObjectId != null)
            {
                IGroupFetcher retrievedGroupFetcher = group;
                IPagedCollection <IDirectoryObject> membersPagedCollection = await retrievedGroupFetcher.Members.ExecuteAsync();

                if (membersPagedCollection != null)
                {
                    do
                    {
                        List <IDirectoryObject> templist = membersPagedCollection.CurrentPage.ToList();
                        foreach (IDirectoryObject member in templist)
                        {
                            if (member is User)
                            {
                                User usertemp = member as User;
                                if (usertemp.UserPrincipalName.Equals(user.UserPrincipalName))
                                {
                                    return(true);
                                }
                            }
                        }
                        membersPagedCollection = await membersPagedCollection.GetNextPageAsync();
                    } while (membersPagedCollection != null && membersPagedCollection.MorePagesAvailable);
                }
            }
            return(false);
        }
예제 #3
0
        public static async Task GetADUser()
        {
            TimeSheetDb timesheetDb       = new TimeSheetDb();
            string      NTI_Staff_GroupID = ConfigurationManager.AppSettings["ida:NTI_Staff_GroupID"];
            var         userList          = new List <User>();

            try
            {
                ActiveDirectoryClient client = UserProfileController.GetActiveDirectoryClient();
                IGroup group = await client.Groups.GetByObjectId(NTI_Staff_GroupID).ExecuteAsync();

                IGroupFetcher groupFetcher = group as IGroupFetcher;
                IPagedCollection <IDirectoryObject> pagedCollection = await groupFetcher.Members.ExecuteAsync();

                if (pagedCollection != null)
                {
                    do
                    {
                        List <IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList();
                        foreach (IDirectoryObject directoryObject in directoryObjects)
                        {
                            if (directoryObject is User)
                            {
                                var user = (User)directoryObject;
                                userList.Add(user);
                            }
                        }
                        pagedCollection = await pagedCollection.GetNextPageAsync();
                    } while (pagedCollection != null);
                }
            }
            catch (Exception e)
            {
                throw e;
            }

            if (userList != null)
            {
                List <ADUser> SystemUserList = timesheetDb.ADUsers.ToList();
                if (SystemUserList.Count != userList.Count)
                {
                    foreach (var item in userList)
                    {
                        if (timesheetDb.ADUsers.Find(item.Mail) == null)
                        {
                            timesheetDb.ADUsers.Add(new ADUser {
                                UserName   = item.DisplayName,
                                Email      = item.Mail,
                                JobCode    = item.JobTitle,
                                Department = item.Department
                            }
                                                    );
                        }
                    }

                    timesheetDb.SaveChanges();
                }
            }
        }
예제 #4
0
        private async Task <List <User> > GetUserFromADGrop(string groupName)
        {
            List <User> userList = new List <User>();

            Group                     retrievedGroup  = new Group();
            List <IGroup>             foundGroups     = new List <IGroup>();
            IPagedCollection <IGroup> pagedCollection = await this.client.Groups.Where(group => group.DisplayName.StartsWith(groupName)).ExecuteAsync();

            if (pagedCollection != null)
            {
                do
                {
                    List <IGroup> templist = pagedCollection.CurrentPage.ToList();
                    foreach (IGroup group in templist)
                    {
                        foundGroups.Add((IGroup)group);
                    }
                    if (foundGroups.Count > 0)
                    {
                        break;
                    }
                    pagedCollection = await pagedCollection.GetNextPageAsync();
                }while (pagedCollection != null && pagedCollection.MorePagesAvailable);
            }

            if (foundGroups != null && foundGroups.Count > 0)
            {
                retrievedGroup = foundGroups.First() as Group;
                if (retrievedGroup.ObjectId != null)
                {
                    IGroupFetcher retrievedGroupFetcher = retrievedGroup;
                    IPagedCollection <IDirectoryObject> membersPagedCollection = await retrievedGroupFetcher.Members.ExecuteAsync();

                    if (membersPagedCollection != null)
                    {
                        do
                        {
                            List <IDirectoryObject> templist = membersPagedCollection.CurrentPage.ToList();
                            foreach (IDirectoryObject member in templist)
                            {
                                if (member is User)
                                {
                                    User user = member as User;
                                    userList.Add(user);
                                }
                            }
                            membersPagedCollection = await membersPagedCollection.GetNextPageAsync();
                        }while (membersPagedCollection != null && membersPagedCollection.MorePagesAvailable);
                        return(userList);
                    }
                }
            }
            return(null);
        }
예제 #5
0
        private async Task <bool> CheckUserWhetherExsitADGroup(String userPrincipalName, string groupName)
        {
            Group                     retrievedGroup  = new Group();
            List <IGroup>             foundGroups     = new List <IGroup>();
            IPagedCollection <IGroup> pagedCollection = await this.client.Groups.Where(group => group.DisplayName.StartsWith(groupName)).ExecuteAsync();

            if (pagedCollection != null)
            {
                do
                {
                    List <IGroup> templist = pagedCollection.CurrentPage.ToList();
                    foreach (IGroup group in templist)
                    {
                        foundGroups.Add((IGroup)group);
                    }
                    if (foundGroups.Count > 0)
                    {
                        break;
                    }
                    pagedCollection = await pagedCollection.GetNextPageAsync();
                }while (pagedCollection != null && pagedCollection.MorePagesAvailable);
            }

            if (foundGroups != null && foundGroups.Count > 0)
            {
                retrievedGroup = foundGroups.First() as Group;
                if (retrievedGroup.ObjectId != null)
                {
                    IGroupFetcher retrievedGroupFetcher = retrievedGroup;
                    IPagedCollection <IDirectoryObject> membersPagedCollection = await retrievedGroupFetcher.Members.ExecuteAsync();

                    if (membersPagedCollection != null)
                    {
                        do
                        {
                            List <IDirectoryObject> templist = membersPagedCollection.CurrentPage.ToList();
                            foreach (IDirectoryObject member in templist)
                            {
                                if (member is User)
                                {
                                    User user = member as User;
                                    if (user.UserPrincipalName.Equals(userPrincipalName))
                                    {
                                        return(true);
                                    }
                                }
                            }
                            membersPagedCollection = await membersPagedCollection.GetNextPageAsync();
                        }while (membersPagedCollection != null && membersPagedCollection.MorePagesAvailable);
                    }
                }
            }
            return(false);
        }
예제 #6
0
        /// <summary>
        ///     Gets a list of <see cref="User" /> objects that are members of this site's group.
        ///     Notice: They are Azure Directory online <see cref="User" /> data, not <see cref="ADUser" />
        ///     that stored locally.
        /// </summary>
        /// <returns>A view with the list of <see cref="User" /> objects.</returns>
        public async Task <ActionResult> User()
        {
            var    userList          = new List <User>();
            string NTI_Staff_GroupID = ConfigurationManager.AppSettings["ida:NTI_Staff_GroupID"];

            try
            {
                ActiveDirectoryClient client = UserProfileController.GetActiveDirectoryClient();
                IGroup group = await client.Groups.GetByObjectId(NTI_Staff_GroupID).ExecuteAsync();

                IGroupFetcher groupFetcher = group as IGroupFetcher;
                IPagedCollection <IDirectoryObject> pagedCollection = await groupFetcher.Members.ExecuteAsync();

                if (pagedCollection != null)
                {
                    do
                    {
                        List <IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList();
                        foreach (IDirectoryObject directoryObject in directoryObjects)
                        {
                            if (directoryObject is User)
                            {
                                var user = (User)directoryObject;
                                userList.Add(user);
                            }
                        }
                        pagedCollection = await pagedCollection.GetNextPageAsync();
                    } while (pagedCollection != null);
                }
            }
            catch (Exception e)
            {
                if (Request.QueryString["reauth"] == "True")
                {
                    //
                    // Send an OpenID Connect sign-in request to get a new set of tokens.
                    // If the user still has a valid session with Azure AD, they will not be prompted for their credentials.
                    // The OpenID Connect middleware will return to this controller after the sign-in response has been handled.
                    //
                    HttpContext.GetOwinContext()
                    .Authentication.Challenge(OpenIdConnectAuthenticationDefaults.AuthenticationType);
                }

                //
                // The user needs to re-authorize.  Show them a message to that effect.
                //
                ViewBag.ErrorMessage = "AuthorizationRequired";
                return(View(userList));
            }
            return(View(userList));
        }
예제 #7
0
        /// <summary>
        ///     Gets a list of <see cref="User" /> objects that are members of a give <see cref="Group" />.
        /// </summary>
        /// <param name="objectId">Unique identifier of the <see cref="Group" />.</param>
        /// <returns>A view with the list of <see cref="User" /> objects.</returns>
        public async Task <ActionResult> GetMembers(string objectId)
        {
            IList <User> users = new List <User>();

            try
            {
                ActiveDirectoryClient client = AuthenticationHelper.GetActiveDirectoryClient();
                IGroup group = await client.Groups.GetByObjectId(objectId).ExecuteAsync();

                IGroupFetcher groupFetcher = group as IGroupFetcher;
                IPagedCollection <IDirectoryObject> pagedCollection = await groupFetcher.Members.ExecuteAsync();

                do
                {
                    List <IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList();
                    foreach (IDirectoryObject directoryObject in directoryObjects)
                    {
                        if (directoryObject is User)
                        {
                            users.Add((User)directoryObject);
                        }
                    }
                    pagedCollection = await pagedCollection.GetNextPageAsync();
                } while (pagedCollection != null && pagedCollection.MorePagesAvailable);
            }
            catch (Exception e)
            {
                if (Request.QueryString["reauth"] == "True")
                {
                    //
                    // Send an OpenID Connect sign-in request to get a new set of tokens.
                    // If the user still has a valid session with Azure AD, they will not be prompted for their credentials.
                    // The OpenID Connect middleware will return to this controller after the sign-in response has been handled.
                    //
                    HttpContext.GetOwinContext()
                    .Authentication.Challenge(OpenIdConnectAuthenticationDefaults.AuthenticationType);
                }

                //
                // The user needs to re-authorize.  Show them a message to that effect.
                //
                ViewBag.ErrorMessage = "AuthorizationRequired";
                return(View());
            }

            return(View(users));
        }
예제 #8
0
        public List <Tuple <string, IDirectoryObject> > GetAdGroupMembers(Group RetrievedGroup, IConfiguration Configuration, Logger Logger)
        {
            List <Tuple <string, IDirectoryObject> > DirectoryObjects = new List <Tuple <string, IDirectoryObject> >();

            if (RetrievedGroup.ObjectId != null)
            {
                IGroupFetcher retrievedGroupFetcher = RetrievedGroup;

                try
                {
                    IPagedCollection <IDirectoryObject> GroupMembers = retrievedGroupFetcher.Members.ExecuteAsync().Result;
                    do
                    {
                        List <IDirectoryObject> directoryObjects = GroupMembers.CurrentPage.ToList();

                        foreach (IDirectoryObject directoryObject in directoryObjects)
                        {
                            if (directoryObject is User)
                            {
                                DirectoryObjects.Add(Tuple.Create("user", directoryObject));
                            }
                            if (directoryObject is Contact)
                            {
                                DirectoryObjects.Add(Tuple.Create("contact", directoryObject));
                            }
                            if (directoryObject is Group)
                            {
                                DirectoryObjects.Add(Tuple.Create("group", directoryObject));
                            }
                        }
                        GroupMembers = GroupMembers.GetNextPageAsync().Result;
                    } while (GroupMembers != null);
                }
                catch (Exception ex)
                {
                    Console.WriteLine("Error retrieving Group membership {0} {1}", ex.Message, ex.InnerException != null ? ex.InnerException.Message : "");
                    Logger.Error(String.Format("Error retrieving Group membership {0} {1}", ex.Message, ex.InnerException != null ? ex.InnerException.Message : ""));
                }

                return(DirectoryObjects);
            }
            else
            {
                return(DirectoryObjects);
            }
        }
예제 #9
0
        private static void ExpandADGroup(List <Tuple <string, IDirectoryObject> > DirectoryObjects, IGroupFetcher retrievedGroupFetcher)
        {
            IPagedCollection <IDirectoryObject> GroupMembers = retrievedGroupFetcher.Members.ExecuteAsync().Result;

            do
            {
                List <IDirectoryObject> directoryObjects = GroupMembers.CurrentPage.ToList();

                foreach (IDirectoryObject directoryObject in directoryObjects)
                {
                    if (directoryObject is User)
                    {
                        DirectoryObjects.Add(Tuple.Create("user", directoryObject));
                    }
                    if (directoryObject is Contact)
                    {
                        DirectoryObjects.Add(Tuple.Create("contact", directoryObject));
                    }
                    if (directoryObject is Group)
                    {
                        DirectoryObjects.Add(Tuple.Create("group", directoryObject));
                        ExpandADGroup(DirectoryObjects, (IGroupFetcher)directoryObject);
                    }
                }
                GroupMembers = GroupMembers.GetNextPageAsync().Result;
            } while (GroupMembers != null);
        }
예제 #10
0
        private static void Main()
        {
            // record start DateTime of execution
            string currentDateTime = DateTime.Now.ToUniversalTime().ToString();

            #region Setup Active Directory Client

            //*********************************************************************
            // setup Active Directory Client
            //*********************************************************************
            ActiveDirectoryClient activeDirectoryClient;
            try
            {
                activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsApplication();
            }
            catch (AuthenticationException ex)
            {
                Console.ForegroundColor = ConsoleColor.Red;
                Console.WriteLine("Acquiring a token failed with the following error: {0}", ex.Message);
                if (ex.InnerException != null)
                {
                    //You should implement retry and back-off logic per the guidance given here:http://msdn.microsoft.com/en-us/library/dn168916.aspx
                    //InnerException Message will contain the HTTP error status codes mentioned in the link above
                    Console.WriteLine("Error detail: {0}", ex.InnerException.Message);
                }
                Console.ResetColor();
                Console.ReadKey();
                return;
            }

            #endregion

            #region TenantDetails

            //*********************************************************************
            // Get Tenant Details
            // Note: update the string TenantId with your TenantId.
            // This can be retrieved from the login Federation Metadata end point:
            // https://login.windows.net/GraphDir1.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml
            //  Replace "GraphDir1.onMicrosoft.com" with any domain owned by your organization
            // The returned value from the first xml node "EntityDescriptor", will have a STS URL
            // containing your TenantId e.g. "https://sts.windows.net/4fd2b2f2-ea27-4fe5-a8f3-7b1a7c975f34/" is returned for GraphDir1.onMicrosoft.com
            //*********************************************************************
            VerifiedDomain initialDomain = new VerifiedDomain();
            VerifiedDomain defaultDomain = new VerifiedDomain();
            ITenantDetail  tenant        = null;
            Console.WriteLine("\n Retrieving Tenant Details");
            try
            {
                List <ITenantDetail> tenantsList = activeDirectoryClient.TenantDetails
                                                   .Where(tenantDetail => tenantDetail.ObjectId.Equals(Constants.TenantId))
                                                   .ExecuteAsync().Result.CurrentPage.ToList();
                if (tenantsList.Count > 0)
                {
                    tenant = tenantsList.First();
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting TenantDetails {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            if (tenant == null)
            {
                Console.WriteLine("Tenant not found");
            }
            else
            {
                TenantDetail tenantDetail = (TenantDetail)tenant;
                Console.WriteLine("Tenant Display Name: " + tenantDetail.DisplayName);

                // Get the Tenant's Verified Domains
                initialDomain = tenantDetail.VerifiedDomains.First(x => x.Initial.HasValue && x.Initial.Value);
                Console.WriteLine("Initial Domain Name: " + initialDomain.Name);
                defaultDomain = tenantDetail.VerifiedDomains.First(x => [email protected] && [email protected]);
                Console.WriteLine("Default Domain Name: " + defaultDomain.Name);

                // Get Tenant's Tech Contacts
                foreach (string techContact in tenantDetail.TechnicalNotificationMails)
                {
                    Console.WriteLine("Tenant Tech Contact: " + techContact);
                }
            }

            #endregion

            #region Create a new User



            IUser newUser = new User();
            if (defaultDomain.Name != null)
            {
                newUser.DisplayName       = "demo1";
                newUser.UserPrincipalName = "xuhua00101" + "@" + defaultDomain.Name;
                newUser.AccountEnabled    = true;
                newUser.MailNickname      = "SampleAppDemoUserManager";
                newUser.PasswordPolicies  = "DisablePasswordExpiration";
                newUser.PasswordProfile   = new PasswordProfile
                {
                    Password = "******",
                    ForceChangePasswordNextLogin = true
                };
                newUser.UsageLocation = "US";
                try
                {
                    //activeDirectoryClient.Users.AddUserAsync(newUser).Wait();
                    Console.WriteLine("\nNew User {0} was created", newUser.DisplayName);
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError creating new user {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }


            #endregion

            // IApplication APPl = new Application();
            //// APPl.AppId = "12345678";
            // // APPl.AppRoles =
            // APPl.AvailableToOtherTenants = false;
            // APPl.DisplayName = "vik00de";
            //// APPl.IdentifierUris
            // APPl.Homepage = "https://ww.baidu.com";
            // // APPl.IdentifierUris = "https://ww.baidu.com1";
            // APPl.LogoutUrl = "https://ww.baidu.com";
            // APPl.ErrorUrl = "https://ww.baidu.com1/1";
            //// IList<string> ls = APPl.IdentifierUris;
            //APPl.IdentifierUris.Add("https://localhost/demo/" + Guid.NewGuid());

            Application newApp = new Application {
                DisplayName = "wode" + Helper.GetRandomString(8)
            };
            newApp.IdentifierUris.Add("https://localhost/demo1/" + Guid.NewGuid());
            newApp.ReplyUrls.Add("https://localhost/demo1");
            newApp.PublicClient = null;
            AppRole appRole = new AppRole()
            {
                Id          = Guid.NewGuid(),
                IsEnabled   = true,
                DisplayName = "Something",
                Description = "Anything",
                Value       = "policy.write"
            };
            appRole.AllowedMemberTypes.Add("User");
            newApp.AppRoles.Add(appRole);



            //AzureADServicePrincipal
            //PasswordCredential password = new PasswordCredential
            //{
            //    StartDate = DateTime.UtcNow,
            //    EndDate = DateTime.UtcNow.AddYears(1),
            //    Value = "password",
            //    KeyId = Guid.NewGuid()
            //};
            //newApp.PasswordCredentials.Add(password);
            try
            {
                activeDirectoryClient.Applications.AddApplicationAsync(newApp).Wait();
                Console.WriteLine("New Application created: " + newApp.DisplayName);
            }
            catch (Exception e)
            {
                string a = e.Message.ToString();
                // Program.WriteError("\nError ceating Application: {0}", Program.ExtractErrorMessage(e));
            }

            ServicePrincipal s = new ServicePrincipal();
            s.Tags.Add("WindowsAzureActiveDirectoryIntegratedApp");
            s.AppId = newApp.AppId;
            try
            {
                activeDirectoryClient.ServicePrincipals.AddServicePrincipalAsync(s).Wait();
            }
            catch (Exception e) {
                string a = e.Message.ToString();
            }

            //try
            //{
            //    activeDirectoryClient.Applications.AddApplicationAsync(appObject).Wait();
            //}
            //catch (Exception e) {
            //    string mess = e.Message.ToString();
            //    string a = "";
            //}

            #region Create a User with a temp Password

            //*********************************************************************************************
            // Create a new User with a temp Password
            //*********************************************************************************************
            IUser userToBeAdded = new User();

            userToBeAdded.DisplayName       = "Sample App Demo User";
            userToBeAdded.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name;
            userToBeAdded.AccountEnabled    = true;
            userToBeAdded.MailNickname      = "SampleAppDemoUser";


            userToBeAdded.PasswordProfile = new PasswordProfile
            {
                Password = "******",
                ForceChangePasswordNextLogin = true
            };
            userToBeAdded.UsageLocation = "US";
            try
            {
                activeDirectoryClient.Users.AddUserAsync(userToBeAdded).Wait();
                Console.WriteLine("\nNew User {0} was created", userToBeAdded.DisplayName);
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError creating new user. {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }
            //  activeDirectoryClient.Applications.AddApplicationAsync(iApp);
            #endregion

            #region Create a new Group

            //*********************************************************************************************
            // Create a new Group
            //*********************************************************************************************
            Group californiaEmployees = new Group
            {
                DisplayName     = "California Employees" + Helper.GetRandomString(8),
                Description     = "Employees in the state of California",
                MailNickname    = "CalEmployees",
                MailEnabled     = false,
                SecurityEnabled = true
            };
            try
            {
                activeDirectoryClient.Groups.AddGroupAsync(californiaEmployees).Wait();
                Console.WriteLine("\nNew Group {0} was created", californiaEmployees.DisplayName);
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError creating new Group {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Search for Group using StartWith filter

            //*********************************************************************
            // Search for a group using a startsWith filter (displayName property)
            //*********************************************************************
            Group         retrievedGroup = new Group();
            string        searchString   = "California Employees";
            List <IGroup> foundGroups    = null;
            try
            {
                foundGroups = activeDirectoryClient.Groups
                              .Where(group => group.DisplayName.StartsWith(searchString))
                              .ExecuteAsync().Result.CurrentPage.ToList();
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Group {0} {1}",
                                  e.Message, e.InnerException != null ? e.InnerException.Message : "");
            }
            if (foundGroups != null && foundGroups.Count > 0)
            {
                retrievedGroup = foundGroups.First() as Group;
            }
            else
            {
                Console.WriteLine("Group Not Found");
            }

            #endregion

            #region Assign Member to Group

            if (retrievedGroup.ObjectId != null)
            {
                try
                {
                    retrievedGroup.Members.Add(newUser as DirectoryObject);
                    retrievedGroup.UpdateAsync().Wait();
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError assigning member to group. {0} {1}",
                                      e.Message, e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion


            #region Add User to Group

            //*********************************************************************************************
            // Add User to the "WA" Group
            //*********************************************************************************************
            if (retrievedGroup.ObjectId != null)
            {
                try
                {
                    retrievedGroup.Members.Add(userToBeAdded as DirectoryObject);
                    retrievedGroup.UpdateAsync().Wait();
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nAdding user to group failed {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion


            #region Get Group members

            if (retrievedGroup.ObjectId != null)
            {
                Console.WriteLine("\n Found Group: " + retrievedGroup.DisplayName + "  " + retrievedGroup.Description);

                //*********************************************************************
                // get the groups' membership -
                // Note this method retrieves ALL links in one request - please use this method with care - this
                // may return a very large number of objects
                //*********************************************************************
                IGroupFetcher retrievedGroupFetcher = retrievedGroup;
                try
                {
                    IPagedCollection <IDirectoryObject> members = retrievedGroupFetcher.Members.ExecuteAsync().Result;
                    Console.WriteLine(" Members:");
                    do
                    {
                        List <IDirectoryObject> directoryObjects = members.CurrentPage.ToList();
                        foreach (IDirectoryObject member in directoryObjects)
                        {
                            if (member is User)
                            {
                                User user = member as User;
                                Console.WriteLine("User DisplayName: {0}  UPN: {1}",
                                                  user.DisplayName,
                                                  user.UserPrincipalName);
                            }
                            if (member is Group)
                            {
                                Group group = member as Group;
                                Console.WriteLine("Group DisplayName: {0}", group.DisplayName);
                            }
                            if (member is Contact)
                            {
                                Contact contact = member as Contact;
                                Console.WriteLine("Contact DisplayName: {0}", contact.DisplayName);
                            }
                        }
                        members = members.GetNextPageAsync().Result;
                    } while (members != null);
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError getting groups' membership. {0} {1}",
                                      e.Message, e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion



            //*********************************************************************************************
            // End of Demo Console App
            //*********************************************************************************************

            Console.WriteLine("\nCompleted at {0} \n Press Any Key to Exit.", currentDateTime);
            // Console.ReadKey();
            Console.WriteLine();
            #region Search User by UPN

            // search for a single user by UPN
            searchString = "" + "@" + initialDomain.Name;
            Console.WriteLine("\n Retrieving user with UPN {0}", searchString);
            User         retrievedUser  = new User();
            List <IUser> retrievedUsers = null;
            try
            {
                retrievedUsers = activeDirectoryClient.Users
                                 .Where(user => user.UserPrincipalName.Equals(searchString))
                                 .ExecuteAsync().Result.CurrentPage.ToList();
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting new user {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }
            // should only find one user with the specified UPN
            if (retrievedUsers != null && retrievedUsers.Count == 1)
            {
                retrievedUser = (User)retrievedUsers.First();
            }
            else
            {
                Console.WriteLine("User not found {0}", searchString);
            }

            #endregion
            Console.WriteLine("\n {0} is a member of the following Group and Roles (IDs)", retrievedUser.DisplayName);
            IUserFetcher retrievedUserFetcher = retrievedUser;
            try
            {
                IPagedCollection <IDirectoryObject> pagedCollection = retrievedUserFetcher.MemberOf.ExecuteAsync().Result;
                do
                {
                    List <IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList();
                    foreach (IDirectoryObject directoryObject in directoryObjects)
                    {
                        if (directoryObject is Group)
                        {
                            Group group = directoryObject as Group;
                            Console.WriteLine(" Group: {0}  Description: {1}", group.DisplayName, group.Description);
                        }
                        if (directoryObject is DirectoryRole)
                        {
                            DirectoryRole role = directoryObject as DirectoryRole;
                            Console.WriteLine(" Role: {0}  Description: {1}", role.DisplayName, role.Description);
                        }
                    }
                    pagedCollection = pagedCollection.GetNextPageAsync().Result;
                } while (pagedCollection != null);
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting user's groups and roles memberships. {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            Console.WriteLine("Press any key to continue....");
            Console.ReadKey();
        }
예제 #11
0
        private void btnLoadUsers_Click(object sender, EventArgs e)
        {
            string currentDateTime = DateTime.Now.ToUniversalTime().ToString();
            var    selectedGroup   = tenantTree.SelectedNode;
            var    groupId         = selectedGroup.Name;

            #region Setup Active Directory Client

            ActiveDirectoryClient activeDirectoryClient;
            try
            {
                activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsApplication();
            }
            catch (AuthenticationException ex)
            {
                if (ex.InnerException != null)
                {
                    //You should implement retry and back-off logic per the guidance given here:http://msdn.microsoft.com/en-us/library/dn168916.aspx
                    //InnerException Message will contain the HTTP error status codes mentioned in the link above
                    txtOutput.Text += $"Error detail: {ex.InnerException.Message}";
                }
                return;
            }

            #endregion

            #region Get users for a given group

            try
            {
                txtOutput.Text += $"***** Starting GetUsers at {currentDateTime} *****" + NewLine;

                IGroup groups = activeDirectoryClient.Groups.Where(d => d.ObjectId == groupId).ExecuteSingleAsync().Result;
                Group  group  = (Group)groups;

                IGroupFetcher groupFetcher = group;
                var           members      = groupFetcher.Members.ExecuteAsync().Result;

                var count = 0;

                if (members.CurrentPage.Count != 0)
                {
                    do
                    {
                        var memberObjects = members.CurrentPage.ToList();
                        foreach (IDirectoryObject member in memberObjects)
                        {
                            if (member is User)
                            {
                                User user = member as User;

                                if (!selectedGroup.Nodes.ContainsKey(user.ObjectId))
                                {
                                    selectedGroup.Nodes.Add(user.ObjectId, user.DisplayName);
                                }
                                count++;
                            }
                            members = members.GetNextPageAsync().Result;
                        }
                    } while (members != null);

                    txtOutput.Text += $"User Count (for selected group): {count}" + NewLine;
                }
                if (count == 0)
                {
                    txtOutput.Text += "There doesn't seem to be any users in this group." + NewLine;
                }
            }
            catch (Exception ex)
            {
                txtOutput.Text += $"Error getting users: {ex.Message} {ex.InnerException?.Message}" + NewLine;
            }

            #endregion

            currentDateTime = DateTime.Now.ToUniversalTime().ToString();
            txtOutput.Text += $"***** Ending GetUsers at {currentDateTime} *****" + NewLine;
        }
 public static IGroup Execute(this IGroupFetcher group)
 {
     return(AsyncHelper.RunSync(async() => await group.ExecuteAsync()));
 }
예제 #13
0
        private static void Main()
        {
            // record start DateTime of execution
            string currentDateTime = DateTime.Now.ToUniversalTime().ToString();

            #region Setup Active Directory Client

            //*********************************************************************
            // setup Active Directory Client
            //*********************************************************************
            ActiveDirectoryClient activeDirectoryClient;
            try
            {
                activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsApplication();
            }
            catch (AuthenticationException ex)
            {
                Console.ForegroundColor = ConsoleColor.Red;
                Console.WriteLine("Acquiring a token failed with the following error: {0}", ex.Message);
                if (ex.InnerException != null)
                {
                    //You should implement retry and back-off logic per the guidance given here:http://msdn.microsoft.com/en-us/library/dn168916.aspx
                    //InnerException Message will contain the HTTP error status codes mentioned in the link above
                    Console.WriteLine("Error detail: {0}", ex.InnerException.Message);
                }
                Console.ResetColor();
                Console.ReadKey();
                return;
            }

            #endregion

            #region TenantDetails

            //*********************************************************************
            // Get Tenant Details
            // Note: update the string TenantId with your TenantId.
            // This can be retrieved from the login Federation Metadata end point:
            // https://login.windows.net/GraphDir1.onmicrosoft.com/FederationMetadata/2007-06/FederationMetadata.xml
            //  Replace "GraphDir1.onMicrosoft.com" with any domain owned by your organization
            // The returned value from the first xml node "EntityDescriptor", will have a STS URL
            // containing your TenantId e.g. "https://sts.windows.net/4fd2b2f2-ea27-4fe5-a8f3-7b1a7c975f34/" is returned for GraphDir1.onMicrosoft.com
            //*********************************************************************
            VerifiedDomain initialDomain = new VerifiedDomain();
            VerifiedDomain defaultDomain = new VerifiedDomain();
            ITenantDetail  tenant        = null;
            Console.WriteLine("\n Retrieving Tenant Details");
            try
            {
                List <ITenantDetail> tenantsList = activeDirectoryClient.TenantDetails
                                                   .Where(tenantDetail => tenantDetail.ObjectId.Equals(Constants.TenantId))
                                                   .ExecuteAsync().Result.CurrentPage.ToList();
                if (tenantsList.Count > 0)
                {
                    tenant = tenantsList.First();
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting TenantDetails {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }
            if (tenant == null)
            {
                Console.WriteLine("Tenant not found");
            }
            else
            {
                TenantDetail tenantDetail = (TenantDetail)tenant;
                Console.WriteLine("Tenant Display Name: " + tenantDetail.DisplayName);

                // Get the Tenant's Verified Domains
                initialDomain = tenantDetail.VerifiedDomains.First(x => x.Initial.HasValue && x.Initial.Value);
                Console.WriteLine("Initial Domain Name: " + initialDomain.Name);
                defaultDomain = tenantDetail.VerifiedDomains.First(x => [email protected] && [email protected]);
                Console.WriteLine("Default Domain Name: " + defaultDomain.Name);

                // Get Tenant's Tech Contacts
                foreach (string techContact in tenantDetail.TechnicalNotificationMails)
                {
                    Console.WriteLine("Tenant Tech Contact: " + techContact);
                }
            }

            #endregion

            #region Create a new User

            IUser newUser = new User();
            if (defaultDomain.Name != null)
            {
                newUser.DisplayName       = "Sample App Demo User (Manager)";
                newUser.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name;
                newUser.AccountEnabled    = true;
                newUser.MailNickname      = "SampleAppDemoUserManager";
                newUser.PasswordProfile   = new PasswordProfile
                {
                    Password = "******",
                    ForceChangePasswordNextLogin = true
                };
                newUser.UsageLocation = "US";
                try
                {
                    activeDirectoryClient.Users.AddUserAsync(newUser).Wait();
                    Console.WriteLine("\nNew User {0} was created", newUser.DisplayName);
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError creating new user {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region List of max 4 Users by UPN

            //*********************************************************************
            // Demonstrate Getting a list of Users with paging (get 4 users), sorted by displayName
            //*********************************************************************
            int maxUsers = 4;
            try
            {
                Console.WriteLine("\n Retrieving Users");
                List <IUser> users = activeDirectoryClient.Users.OrderBy(user =>
                                                                         user.UserPrincipalName).Take(maxUsers).ExecuteAsync().Result.CurrentPage.ToList();
                foreach (IUser user in users)
                {
                    Console.WriteLine("UserObjectId: {0}  UPN: {1}", user.ObjectId, user.UserPrincipalName);
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Users. {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Create a User with a temp Password

            //*********************************************************************************************
            // Create a new User with a temp Password
            //*********************************************************************************************
            IUser userToBeAdded = new User();
            userToBeAdded.DisplayName       = "Sample App Demo User";
            userToBeAdded.UserPrincipalName = Helper.GetRandomString(10) + "@" + defaultDomain.Name;
            userToBeAdded.AccountEnabled    = true;
            userToBeAdded.MailNickname      = "SampleAppDemoUser";
            userToBeAdded.PasswordProfile   = new PasswordProfile
            {
                Password = "******",
                ForceChangePasswordNextLogin = true
            };
            userToBeAdded.UsageLocation = "US";
            try
            {
                activeDirectoryClient.Users.AddUserAsync(userToBeAdded).Wait();
                Console.WriteLine("\nNew User {0} was created", userToBeAdded.DisplayName);
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError creating new user. {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Update newly created User

            //*******************************************************************************************
            // update the newly created user's Password, PasswordPolicies and City
            //*********************************************************************************************
            if (userToBeAdded.ObjectId != null)
            {
                // update User's city and reset their User's Password
                userToBeAdded.City    = "Seattle";
                userToBeAdded.Country = "UK";
                PasswordProfile PasswordProfile = new PasswordProfile
                {
                    Password = "******",
                    ForceChangePasswordNextLogin = false
                };
                userToBeAdded.PasswordProfile  = PasswordProfile;
                userToBeAdded.PasswordPolicies = "DisablePasswordExpiration, DisableStrongPassword";
                try
                {
                    userToBeAdded.UpdateAsync().Wait();
                    Console.WriteLine("\nUser {0} was updated", userToBeAdded.DisplayName);
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError Updating the user {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Search User by UPN

            // search for a single user by UPN
            string searchString = "admin@" + initialDomain.Name;
            Console.WriteLine("\n Retrieving user with UPN {0}", searchString);
            User         retrievedUser  = new User();
            List <IUser> retrievedUsers = null;
            try
            {
                retrievedUsers = activeDirectoryClient.Users
                                 .Where(user => user.UserPrincipalName.Equals(searchString))
                                 .ExecuteAsync().Result.CurrentPage.ToList();
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting new user {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }
            // should only find one user with the specified UPN
            if (retrievedUsers != null && retrievedUsers.Count == 1)
            {
                retrievedUser = (User)retrievedUsers.First();
            }
            else
            {
                Console.WriteLine("User not found {0}", searchString);
            }

            #endregion

            #region User Operations

            if (retrievedUser.UserPrincipalName != null)
            {
                Console.WriteLine("\n Found User: "******"  UPN: " +
                                  retrievedUser.UserPrincipalName);

                #region Assign User a Manager

                //Assigning User a new manager.
                if (newUser.ObjectId != null)
                {
                    Console.WriteLine("\n Assign User {0}, {1} as Manager.", retrievedUser.DisplayName,
                                      newUser.DisplayName);
                    retrievedUser.Manager = newUser as DirectoryObject;
                    try
                    {
                        newUser.UpdateAsync().Wait();
                        Console.Write("User {0} is successfully assigned {1} as Manager.", retrievedUser.DisplayName,
                                      newUser.DisplayName);
                    }
                    catch (Exception e)
                    {
                        Console.WriteLine("\nError assigning manager to user. {0} {1}", e.Message,
                                          e.InnerException != null ? e.InnerException.Message : "");
                    }
                }

                #endregion

                #region Get User's Manager

                //Get the retrieved user's manager.
                Console.WriteLine("\n Retrieving User {0}'s Manager.", retrievedUser.DisplayName);
                DirectoryObject usersManager = retrievedUser.Manager;
                if (usersManager != null)
                {
                    User manager = usersManager as User;
                    if (manager != null)
                    {
                        Console.WriteLine("User {0} Manager details: \nManager: {1}  UPN: {2}",
                                          retrievedUser.DisplayName, manager.DisplayName, manager.UserPrincipalName);
                    }
                }
                else
                {
                    Console.WriteLine("Manager not found.");
                }

                #endregion

                #region Get User's Direct Reports

                //*********************************************************************
                // get the user's Direct Reports
                //*********************************************************************
                if (newUser.ObjectId != null)
                {
                    Console.WriteLine("\n Getting User{0}'s Direct Reports.", newUser.DisplayName);
                    IUserFetcher newUserFetcher = (IUserFetcher)newUser;
                    try
                    {
                        IPagedCollection <IDirectoryObject> directReports =
                            newUserFetcher.DirectReports.ExecuteAsync().Result;
                        do
                        {
                            List <IDirectoryObject> directoryObjects = directReports.CurrentPage.ToList();
                            foreach (IDirectoryObject directoryObject in directoryObjects)
                            {
                                if (directoryObject is User)
                                {
                                    User directReport = directoryObject as User;
                                    Console.WriteLine("User {0} Direct Report is {1}", newUser.UserPrincipalName,
                                                      directReport.UserPrincipalName);
                                }
                            }
                            directReports = directReports.GetNextPageAsync().Result;
                        } while (directReports != null && directReports.MorePagesAvailable);
                    }
                    catch (Exception e)
                    {
                        Console.WriteLine("\nError getting direct reports of user. {0} {1}", e.Message,
                                          e.InnerException != null ? e.InnerException.Message : "");
                    }
                }

                #endregion

                #region Get list of Group IDS, user is member of

                //*********************************************************************
                // get a list of Group IDs that the user is a member of
                //*********************************************************************
                //const bool securityEnabledOnly = false;
                //IEnumerable<string> memberGroups = retrievedUser.GetMemberGroupsAsync(securityEnabledOnly).Result;
                //Console.WriteLine("\n {0} is a member of the following Groups (IDs)", retrievedUser.DisplayName);
                //foreach (String memberGroup in memberGroups)
                //{
                //    Console.WriteLine("Member of Group ID: " + memberGroup);
                //}

                #endregion

                #region Get User's Group And Role Membership, Getting the complete set of objects

                //*********************************************************************
                // get the User's Group and Role membership, getting the complete set of objects
                //*********************************************************************
                Console.WriteLine("\n {0} is a member of the following Group and Roles (IDs)", retrievedUser.DisplayName);
                IUserFetcher retrievedUserFetcher = retrievedUser;
                try
                {
                    IPagedCollection <IDirectoryObject> pagedCollection = retrievedUserFetcher.MemberOf.ExecuteAsync().Result;
                    do
                    {
                        List <IDirectoryObject> directoryObjects = pagedCollection.CurrentPage.ToList();
                        foreach (IDirectoryObject directoryObject in directoryObjects)
                        {
                            if (directoryObject is Group)
                            {
                                Group group = directoryObject as Group;
                                Console.WriteLine(" Group: {0}  Description: {1}", group.DisplayName, group.Description);
                            }
                            if (directoryObject is DirectoryRole)
                            {
                                DirectoryRole role = directoryObject as DirectoryRole;
                                Console.WriteLine(" Role: {0}  Description: {1}", role.DisplayName, role.Description);
                            }
                        }
                        pagedCollection = pagedCollection.GetNextPageAsync().Result;
                    } while (pagedCollection != null && pagedCollection.MorePagesAvailable);
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError getting user's groups and roles memberships. {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }

                #endregion
            }

            #endregion

            #region Search for User (People Picker)

            //*********************************************************************
            // People picker
            // Search for a user using text string "Us" match against userPrincipalName, displayName, giveName, surname
            //*********************************************************************
            searchString = "Us";
            Console.WriteLine("\nSearching for any user with string {0} in UPN,DisplayName,First or Last Name",
                              searchString);
            List <IUser>             usersList     = null;
            IPagedCollection <IUser> searchResults = null;
            try
            {
                IUserCollection userCollection = activeDirectoryClient.Users;
                searchResults = userCollection.Where(user =>
                                                     user.UserPrincipalName.StartsWith(searchString) ||
                                                     user.DisplayName.StartsWith(searchString) ||
                                                     user.GivenName.StartsWith(searchString) ||
                                                     user.Surname.StartsWith(searchString)).ExecuteAsync().Result;
                usersList = searchResults.CurrentPage.ToList();
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting User {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            if (usersList != null && usersList.Count > 0)
            {
                do
                {
                    usersList = searchResults.CurrentPage.ToList();
                    foreach (IUser user in usersList)
                    {
                        Console.WriteLine("User DisplayName: {0}  UPN: {1}",
                                          user.DisplayName, user.UserPrincipalName);
                    }
                    searchResults = searchResults.GetNextPageAsync().Result;
                } while (searchResults != null && searchResults.MorePagesAvailable);
            }
            else
            {
                Console.WriteLine("User not found");
            }

            #endregion

            #region Search for Group using StartWith filter

            //*********************************************************************
            // Search for a group using a startsWith filter (displayName property)
            //*********************************************************************
            Group retrievedGroup = new Group();
            searchString = "US";
            List <IGroup> foundGroups = null;
            try
            {
                foundGroups = activeDirectoryClient.Groups
                              .Where(group => group.DisplayName.StartsWith(searchString))
                              .ExecuteAsync().Result.CurrentPage.ToList();
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Group {0} {1}",
                                  e.Message, e.InnerException != null ? e.InnerException.Message : "");
            }
            if (foundGroups != null && foundGroups.Count > 0)
            {
                retrievedGroup = foundGroups.First() as Group;
            }
            else
            {
                Console.WriteLine("Group Not Found");
            }

            #endregion

            #region Assign Member to Group

            if (retrievedGroup.ObjectId != null)
            {
                try
                {
                    activeDirectoryClient.Context.AddLink(retrievedGroup, "members", newUser);
                    activeDirectoryClient.Context.SaveChanges();
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError assigning member to group. {0} {1}",
                                      e.Message, e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Get Group members

            if (retrievedGroup.ObjectId != null)
            {
                Console.WriteLine("\n Found Group: " + retrievedGroup.DisplayName + "  " + retrievedGroup.Description);

                //*********************************************************************
                // get the groups' membership -
                // Note this method retrieves ALL links in one request - please use this method with care - this
                // may return a very large number of objects
                //*********************************************************************
                IGroupFetcher retrievedGroupFetcher = retrievedGroup;
                try
                {
                    IPagedCollection <IDirectoryObject> members = retrievedGroupFetcher.Members.ExecuteAsync().Result;
                    Console.WriteLine(" Members:");
                    do
                    {
                        List <IDirectoryObject> directoryObjects = members.CurrentPage.ToList();
                        foreach (IDirectoryObject member in directoryObjects)
                        {
                            if (member is User)
                            {
                                User user = member as User;
                                Console.WriteLine("User DisplayName: {0}  UPN: {1}",
                                                  user.DisplayName,
                                                  user.UserPrincipalName);
                            }
                            if (member is Group)
                            {
                                Group group = member as Group;
                                Console.WriteLine("Group DisplayName: {0}", group.DisplayName);
                            }
                            if (member is Contact)
                            {
                                Contact contact = member as Contact;
                                Console.WriteLine("Contact DisplayName: {0}", contact.DisplayName);
                            }
                        }
                    } while (members != null && members.MorePagesAvailable);
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nError getting groups' membership. {0} {1}",
                                      e.Message, e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Add User to Group

            //*********************************************************************************************
            // Add User to the "WA" Group
            //*********************************************************************************************
            if (retrievedGroup.ObjectId != null)
            {
                try
                {
                    activeDirectoryClient.Context.AddLink(retrievedGroup, "members", userToBeAdded);
                    activeDirectoryClient.Context.SaveChangesAsync().Wait();
                }
                catch (Exception e)
                {
                    Console.WriteLine("\nAdding user to group failed {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Create a new Group

            //*********************************************************************************************
            // Create a new Group
            //*********************************************************************************************
            Group californiaEmployees = new Group
            {
                DisplayName     = "California Employees" + Helper.GetRandomString(8),
                Description     = "Employees in the state of California",
                MailNickname    = "CalEmployees",
                MailEnabled     = false,
                SecurityEnabled = true
            };
            try
            {
                activeDirectoryClient.Groups.AddGroupAsync(californiaEmployees).Wait();
                Console.WriteLine("\nNew Group {0} was created", californiaEmployees.DisplayName);
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError creating new Group {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Delete User

            //*********************************************************************************************
            // Delete the user that we just created
            //*********************************************************************************************
            if (userToBeAdded.ObjectId != null)
            {
                try
                {
                    userToBeAdded.DeleteAsync().Wait();
                    Console.WriteLine("\nUser {0} was deleted", userToBeAdded.DisplayName);
                }
                catch (Exception e)
                {
                    Console.WriteLine("Deleting User failed {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }
            if (newUser.ObjectId != null)
            {
                try
                {
                    newUser.DeleteAsync().Wait();
                    Console.WriteLine("\nUser {0} was deleted", newUser.DisplayName);
                }
                catch (Exception e)
                {
                    Console.WriteLine("Deleting User failed {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Delete Group

            //*********************************************************************************************
            // Delete the Group that we just created
            //*********************************************************************************************
            if (californiaEmployees.ObjectId != null)
            {
                try
                {
                    californiaEmployees.DeleteAsync().Wait();
                    Console.WriteLine("\nGroup {0} was deleted", californiaEmployees.DisplayName);
                }
                catch (Exception e)
                {
                    Console.WriteLine("Deleting Group failed {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Get All Roles

            //*********************************************************************
            // Get All Roles
            //*********************************************************************
            List <IDirectoryRole> foundRoles = null;
            try
            {
                foundRoles = activeDirectoryClient.DirectoryRoles.ExecuteAsync().Result.CurrentPage.ToList();
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Roles {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            if (foundRoles != null && foundRoles.Count > 0)
            {
                foreach (IDirectoryRole role in foundRoles)
                {
                    Console.WriteLine("\n Found Role: {0} {1} {2} ",
                                      role.DisplayName, role.Description, role.ObjectId);
                }
            }
            else
            {
                Console.WriteLine("Role Not Found {0}", searchString);
            }

            #endregion

            #region Get Service Principals

            //*********************************************************************
            // get the Service Principals
            //*********************************************************************
            IPagedCollection <IServicePrincipal> servicePrincipals = null;
            try
            {
                servicePrincipals = activeDirectoryClient.ServicePrincipals.ExecuteAsync().Result;
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Service Principal {0} {1}",
                                  e.Message, e.InnerException != null ? e.InnerException.Message : "");
            }
            if (servicePrincipals != null)
            {
                do
                {
                    List <IServicePrincipal> servicePrincipalsList = servicePrincipals.CurrentPage.ToList();
                    foreach (IServicePrincipal servicePrincipal in servicePrincipalsList)
                    {
                        Console.WriteLine("Service Principal AppId: {0}  Name: {1}", servicePrincipal.AppId,
                                          servicePrincipal.DisplayName);
                    }
                    servicePrincipals = servicePrincipals.GetNextPageAsync().Result;
                } while (servicePrincipals != null && servicePrincipals.MorePagesAvailable);
            }

            #endregion

            #region Get Applications

            //*********************************************************************
            // get the Application objects
            //*********************************************************************
            IPagedCollection <IApplication> applications = null;
            try
            {
                applications = activeDirectoryClient.Applications.Take(999).ExecuteAsync().Result;
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Applications {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }
            if (applications != null)
            {
                do
                {
                    List <IApplication> appsList = applications.CurrentPage.ToList();
                    foreach (IApplication app in appsList)
                    {
                        Console.WriteLine("Application AppId: {0}  Name: {1}", app.AppId, app.DisplayName);
                    }
                    applications = applications.GetNextPageAsync().Result;
                } while (applications != null && applications.MorePagesAvailable);
            }

            #endregion

            #region User License Assignment

            //*********************************************************************************************
            // User License Assignment - assign EnterprisePack license to new user, and disable SharePoint service
            //   first get a list of Tenant's subscriptions and find the "Enterprisepack" one
            //   Enterprise Pack includes service Plans for ExchangeOnline, SharePointOnline and LyncOnline
            //   validate that Subscription is Enabled and there are enough units left to assign to users
            //*********************************************************************************************
            IPagedCollection <ISubscribedSku> skus = null;
            try
            {
                skus = activeDirectoryClient.SubscribedSkus.ExecuteAsync().Result;
            }
            catch (Exception e)
            {
                Console.WriteLine("\nError getting Applications {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }
            if (skus != null)
            {
                do
                {
                    List <ISubscribedSku> subscribedSkus = skus.CurrentPage.ToList();
                    foreach (ISubscribedSku sku in subscribedSkus)
                    {
                        if (sku.SkuPartNumber == "ENTERPRISEPACK")
                        {
                            if ((sku.PrepaidUnits.Enabled.Value > sku.ConsumedUnits) &&
                                (sku.CapabilityStatus == "Enabled"))
                            {
                                // create addLicense object and assign the Enterprise Sku GUID to the skuId
                                //
                                AssignedLicense addLicense = new AssignedLicense {
                                    SkuId = sku.SkuId.Value
                                };

                                // find plan id of SharePoint Service Plan
                                foreach (ServicePlanInfo servicePlan in sku.ServicePlans)
                                {
                                    if (servicePlan.ServicePlanName.Contains("SHAREPOINT"))
                                    {
                                        addLicense.DisabledPlans.Add(servicePlan.ServicePlanId.Value);
                                        break;
                                    }
                                }

                                IList <AssignedLicense> licensesToAdd    = new[] { addLicense };
                                IList <Guid>            licensesToRemove = new Guid[] {};

                                // attempt to assign the license object to the new user
                                try
                                {
                                    if (newUser.ObjectId != null)
                                    {
                                        newUser.AssignLicenseAsync(licensesToAdd, licensesToRemove).Wait();
                                        Console.WriteLine("\n User {0} was assigned license {1}",
                                                          newUser.DisplayName,
                                                          addLicense.SkuId);
                                    }
                                }
                                catch (Exception e)
                                {
                                    Console.WriteLine("\nLicense assingment failed {0} {1}", e.Message,
                                                      e.InnerException != null ? e.InnerException.Message : "");
                                }
                            }
                        }
                    }
                    skus = skus.GetNextPageAsync().Result;
                } while (skus != null && skus.MorePagesAvailable);
            }

            #endregion

            #region Switch to OAuth Authorization Code Grant (Acting as a user)

            activeDirectoryClient = AuthenticationHelper.GetActiveDirectoryClientAsUser();

            #endregion

            #region Create Application

            //*********************************************************************************************
            // Create a new Application object with App Role Assignment (Direct permission)
            //*********************************************************************************************
            Application appObject = new Application {
                DisplayName = "Test-Demo App" + Helper.GetRandomString(8)
            };
            appObject.IdentifierUris.Add("https://localhost/demo/" + Guid.NewGuid());
            appObject.ReplyUrls.Add("https://localhost/demo");
            AppRole appRole = new AppRole();
            appRole.Id        = Guid.NewGuid();
            appRole.IsEnabled = true;
            appRole.AllowedMemberTypes.Add("User");
            appRole.DisplayName = "Something";
            appRole.Description = "Anything";
            appRole.Value       = "policy.write";
            appObject.AppRoles.Add(appRole);

            // created Keycredential object for the new App object
            KeyCredential keyCredential = new KeyCredential
            {
                StartDate = DateTime.UtcNow,
                EndDate   = DateTime.UtcNow.AddYears(1),
                Type      = "Symmetric",
                Value     = Convert.FromBase64String("g/TMLuxgzurjQ0Sal9wFEzpaX/sI0vBP3IBUE/H/NS4="),
                Usage     = "Verify"
            };
            appObject.KeyCredentials.Add(keyCredential);

            try
            {
                activeDirectoryClient.Applications.AddApplicationAsync(appObject).Wait();
                Console.WriteLine("New Application created: " + appObject.ObjectId);
            }
            catch (Exception e)
            {
                Console.WriteLine("Application Creation execption: {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Create Service Principal

            //*********************************************************************************************
            // create a new Service principal
            //*********************************************************************************************
            ServicePrincipal newServicePrincpal = new ServicePrincipal();
            if (appObject != null)
            {
                newServicePrincpal.DisplayName    = appObject.DisplayName;
                newServicePrincpal.AccountEnabled = true;
                newServicePrincpal.AppId          = appObject.AppId;
                try
                {
                    activeDirectoryClient.ServicePrincipals.AddServicePrincipalAsync(newServicePrincpal).Wait();
                    Console.WriteLine("New Service Principal created: " + newServicePrincpal.ObjectId);
                }
                catch (Exception e)
                {
                    Console.WriteLine("Service Principal Creation execption: {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Assign Direct Permission
            try
            {
                User user =
                    (User)activeDirectoryClient.Users.ExecuteAsync().Result.CurrentPage.ToList().FirstOrDefault();
                if (appObject.ObjectId != null && user != null && newServicePrincpal.ObjectId != null)
                {
                    AppRoleAssignment appRoleAssignment = new AppRoleAssignment();
                    appRoleAssignment.Id            = appRole.Id;
                    appRoleAssignment.ResourceId    = Guid.Parse(newServicePrincpal.ObjectId);
                    appRoleAssignment.PrincipalType = "User";
                    appRoleAssignment.PrincipalId   = Guid.Parse(user.ObjectId);
                    user.AppRoleAssignments.Add(appRoleAssignment);
                    user.UpdateAsync().Wait();
                    Console.WriteLine("User {0} is successfully assigned direct permission.", retrievedUser.DisplayName);
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("Direct Permission Assignment failed: {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Get Devices

            //*********************************************************************************************
            // Get a list of Mobile Devices from tenant
            //*********************************************************************************************
            Console.WriteLine("\nGetting Devices");
            IPagedCollection <IDevice> devices = null;
            try
            {
                devices = activeDirectoryClient.Devices.ExecuteAsync().Result;
            }
            catch (Exception e)
            {
                Console.WriteLine("/nError getting devices {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            if (devices != null)
            {
                do
                {
                    List <IDevice> devicesList = devices.CurrentPage.ToList();
                    foreach (IDevice device in devicesList)
                    {
                        if (device.ObjectId != null)
                        {
                            Console.WriteLine("Device ID: {0}, Type: {1}", device.DeviceId, device.DeviceOSType);
                            IPagedCollection <IDirectoryObject> registeredOwners = device.RegisteredOwners;
                            if (registeredOwners != null)
                            {
                                do
                                {
                                    List <IDirectoryObject> registeredOwnersList = registeredOwners.CurrentPage.ToList();
                                    foreach (IDirectoryObject owner in registeredOwnersList)
                                    {
                                        Console.WriteLine("Device Owner ID: " + owner.ObjectId);
                                    }
                                    registeredOwners = registeredOwners.GetNextPageAsync().Result;
                                } while (registeredOwners != null && registeredOwners.MorePagesAvailable);
                            }
                        }
                    }
                    devices = devices.GetNextPageAsync().Result;
                } while (devices != null && devices.MorePagesAvailable);
            }

            #endregion

            #region Create New Permission

            //*********************************************************************************************
            // Create new permission object
            //*********************************************************************************************
            OAuth2PermissionGrant permissionObject = new OAuth2PermissionGrant();
            permissionObject.ConsentType = "AllPrincipals";
            permissionObject.Scope       = "user_impersonation";
            permissionObject.StartTime   = DateTime.Now;
            permissionObject.ExpiryTime  = (DateTime.Now).AddMonths(12);

            // resourceId is objectId of the resource, in this case objectId of AzureAd (Graph API)
            permissionObject.ResourceId = "52620afb-80de-4096-a826-95f4ad481686";

            //ClientId = objectId of servicePrincipal
            permissionObject.ClientId = newServicePrincpal.ObjectId;
            try
            {
                activeDirectoryClient.Oauth2PermissionGrants.AddOAuth2PermissionGrantAsync(permissionObject).Wait();
                Console.WriteLine("New Permission object created: " + permissionObject.ObjectId);
            }
            catch (Exception e)
            {
                Console.WriteLine("Permission Creation exception: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            #region Get All Permissions

            //*********************************************************************************************
            // get all Permission Objects
            //*********************************************************************************************
            Console.WriteLine("\n Getting Permissions");
            IPagedCollection <IOAuth2PermissionGrant> permissions = null;
            try
            {
                permissions = activeDirectoryClient.Oauth2PermissionGrants.ExecuteAsync().Result;
            }
            catch (Exception e)
            {
                Console.WriteLine("Error: {0} {1}", e.Message, e.InnerException != null ? e.InnerException.Message : "");
            }
            if (permissions != null)
            {
                do
                {
                    List <IOAuth2PermissionGrant> perms = permissions.CurrentPage.ToList();
                    foreach (IOAuth2PermissionGrant perm in perms)
                    {
                        Console.WriteLine("Permission: {0}  Name: {1}", perm.ClientId, perm.Scope);
                    }
                } while (permissions != null && permissions.MorePagesAvailable);
            }

            #endregion

            #region Delete Application

            //*********************************************************************************************
            // Delete Application Objects
            //*********************************************************************************************
            if (appObject.ObjectId != null)
            {
                try
                {
                    appObject.DeleteAsync().Wait();
                    Console.WriteLine("Deleted Application object: " + appObject.ObjectId);
                }
                catch (Exception e)
                {
                    Console.WriteLine("Application Deletion execption: {0} {1}", e.Message,
                                      e.InnerException != null ? e.InnerException.Message : "");
                }
            }

            #endregion

            #region Batch Operations

            //*********************************************************************************************
            // Show Batching with 3 operators.  Note: up to 5 operations can be in a batch
            //*********************************************************************************************
            IReadOnlyQueryableSet <User>          userQuery   = activeDirectoryClient.DirectoryObjects.OfType <User>();
            IReadOnlyQueryableSet <Group>         groupsQuery = activeDirectoryClient.DirectoryObjects.OfType <Group>();
            IReadOnlyQueryableSet <DirectoryRole> rolesQuery  =
                activeDirectoryClient.DirectoryObjects.OfType <DirectoryRole>();
            try
            {
                IBatchElementResult[] batchResult =
                    activeDirectoryClient.Context.ExecuteBatchAsync(userQuery, groupsQuery, rolesQuery).Result;
                int responseCount = 1;
                foreach (IBatchElementResult result in batchResult)
                {
                    if (result.FailureResult != null)
                    {
                        Console.WriteLine("Failed: {0} ",
                                          result.FailureResult.InnerException);
                    }
                    if (result.SuccessResult != null)
                    {
                        Console.WriteLine("Batch Item Result {0} succeeded",
                                          responseCount++);
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine("Batch execution failed. : {0} {1}", e.Message,
                                  e.InnerException != null ? e.InnerException.Message : "");
            }

            #endregion

            //*********************************************************************************************
            // End of Demo Console App
            //*********************************************************************************************

            Console.WriteLine("\nCompleted at {0} \n Press Any Key to Exit.", currentDateTime);
            Console.ReadKey();
        }
예제 #14
0
        public async Task <ActionResult> AddUser()
        {
            ActiveDirectoryClient activeDirectoryClient      = GraphHelper.ActiveDirectoryClient();
            Dictionary <string, IEnumerable <string> > model = new Dictionary <string, IEnumerable <string> >();
            List <string> users  = null;
            var           groups = await activeDirectoryClient.Groups.Where(group => group.ObjectId.Equals(Config.SecurityGroups[Config.Roles.User])).ExecuteAsync();

            IGroupFetcher retrievedGroupFetcher = groups.CurrentPage.FirstOrDefault() as Group;

            if (retrievedGroupFetcher != null)
            {
                users = new List <string>();
                IPagedCollection <IDirectoryObject> members = await retrievedGroupFetcher.Members.ExecuteAsync();

                do
                {
                    List <IDirectoryObject> directoryObjects = members.CurrentPage.ToList();
                    foreach (IDirectoryObject member in directoryObjects)
                    {
                        if (member is User)
                        {
                            User user = member as User;
                            users.Add(string.Format("{0}, ({1})", user.DisplayName, user.UserPrincipalName));
                        }
                        else if (member is Group)
                        {
                            Group group = member as Group;
                            users.Add(string.Format("{0}, (Group)", group.DisplayName));
                        }
                        else if (member is Contact)
                        {
                            Contact contact = member as Contact;
                            users.Add(string.Format("{0}, (Contact)", contact.DisplayName));
                        }
                    }
                    members = members.GetNextPageAsync().Result;
                } while (members != null);
            }

            model.Add(Config.Roles.User, users);
            users  = null;
            groups = await activeDirectoryClient.Groups.Where(group => group.ObjectId.Equals(Config.SecurityGroups[Config.Roles.Admin])).ExecuteAsync();

            retrievedGroupFetcher = groups.CurrentPage.FirstOrDefault() as Group;
            users = new List <string>();
            if (retrievedGroupFetcher != null)
            {
                users = new List <string>();
                IPagedCollection <IDirectoryObject> members = await retrievedGroupFetcher.Members.ExecuteAsync();

                do
                {
                    List <IDirectoryObject> directoryObjects = members.CurrentPage.ToList();
                    foreach (IDirectoryObject member in directoryObjects)
                    {
                        if (member is User)
                        {
                            User user = member as User;
                            users.Add(string.Format("{0}, ({1})", user.DisplayName, user.UserPrincipalName));
                        }
                        if (member is Group)
                        {
                            Group group = member as Group;
                            users.Add(string.Format("Group - {0}", group.DisplayName));
                        }
                        if (member is Contact)
                        {
                            Contact contact = member as Contact;
                            users.Add(string.Format("Contact - {0}", contact.DisplayName));
                        }
                    }
                    members = members.GetNextPageAsync().Result;
                } while (members != null);
            }

            model.Add(Config.Roles.Admin, users);

            users  = null;
            groups = await activeDirectoryClient.Groups.Where(group => group.ObjectId.Equals(Config.SecurityGroups[Config.Roles.Support])).ExecuteAsync();

            retrievedGroupFetcher = groups.CurrentPage.FirstOrDefault() as Group;
            users = new List <string>();
            if (retrievedGroupFetcher != null)
            {
                users = new List <string>();
                IPagedCollection <IDirectoryObject> members = await retrievedGroupFetcher.Members.ExecuteAsync();

                do
                {
                    List <IDirectoryObject> directoryObjects = members.CurrentPage.ToList();
                    foreach (IDirectoryObject member in directoryObjects)
                    {
                        if (member is User)
                        {
                            User user = member as User;
                            users.Add(string.Format("{0}, ({1})", user.DisplayName, user.UserPrincipalName));
                        }
                        if (member is Group)
                        {
                            Group group = member as Group;
                            users.Add(string.Format("Group - {0}", group.DisplayName));
                        }
                        if (member is Contact)
                        {
                            Contact contact = member as Contact;
                            users.Add(string.Format("Contact - {0}", contact.DisplayName));
                        }
                    }
                    members = members.GetNextPageAsync().Result;
                } while (members != null);
            }

            model.Add(Config.Roles.Support, users);
            return(View(model));
        }
예제 #15
0
        private static void ExpandADGroup(List<Tuple<string, IDirectoryObject>> DirectoryObjects, IGroupFetcher retrievedGroupFetcher)
        {
            IPagedCollection<IDirectoryObject> GroupMembers = retrievedGroupFetcher.Members.ExecuteAsync().Result;

            do
            {
                List<IDirectoryObject> directoryObjects = GroupMembers.CurrentPage.ToList();

                foreach (IDirectoryObject directoryObject in directoryObjects)
                {
                    if (directoryObject is User)
                    {
                        DirectoryObjects.Add(Tuple.Create("user", directoryObject));
                    }
                    if (directoryObject is Contact)
                    {
                        DirectoryObjects.Add(Tuple.Create("contact", directoryObject));
                    }
                    if (directoryObject is Group)
                    {
                        DirectoryObjects.Add(Tuple.Create("group", directoryObject));
                        ExpandADGroup(DirectoryObjects, (IGroupFetcher)directoryObject);
                    }
                }
                GroupMembers = GroupMembers.GetNextPageAsync().Result;
            } while (GroupMembers != null);
        }
        public async Task<List<Models.User>> GetAssignedUsers()
        {
            try
            {
                // Create the Graph Client
                string tenantId = ClaimsPrincipal.Current.FindFirst(Globals.TenantIdClaimType).Value;
                ActiveDirectoryClient graphClient = new ActiveDirectoryClient(new Uri(Globals.GraphApiUrl, tenantId), async () => await GraphHelper.AcquireTokenAsApp());

                // Read users from db for evaluating in memory
                List<Models.User> userHistory = UsersDbHelper.GetUsersForTenant(tenantId);
                List<Models.User> usersWithStatus = new List<Models.User>(userHistory);
                List<Models.User> updatedUserHistory = new List<Models.User>(userHistory);

                // Get the assignments for the application
                ServicePrincipal sp = (ServicePrincipal)graphClient.ServicePrincipals.Where(servicePrincpial => servicePrincpial.AppId.Equals(ConfigHelper.ClientId)).ExecuteAsync().Result.CurrentPage.FirstOrDefault();
                IServicePrincipalFetcher spFetcher = sp;
                List<IAppRoleAssignment> assignments = spFetcher.AppRoleAssignedTo.ExecuteAsync().Result.CurrentPage.ToList(); // TODO: Paging

                // TODO: Better Error Handling
                // TODO: Retry Logic
                // TODO: Nested Groups
                // TODO: Paged Results on Assignments
                // TODO: Paged Results on Group Membership
                // TODO: Performance & Batch Queries

                // Get the groups assigned to the app first
                foreach (IAppRoleAssignment assignment in assignments)
                {
                    if (assignment.PrincipalType == "Group")
                    {
                        // Get the group members
                        IGroupFetcher gFetcher = graphClient.Groups.GetByObjectId(assignment.PrincipalId.ToString());
                        List<IDirectoryObject> members = gFetcher.Members.ExecuteAsync().Result.CurrentPage.ToList();

                        foreach (IDirectoryObject member in members)
                        {
                            if (member is User)
                            {   
                                User user = (User)member;
                                int existingUserIndex = userHistory.FindIndex(u => u.ObjectId == user.ObjectId);

                                // If the user did not exist in the db before
                                if (existingUserIndex == -1)
                                {
                                    // The user is new
                                    usersWithStatus.Add(new Models.User(user) { assignmentStatus = "New" });
                                    updatedUserHistory.Add(new Models.User(user));
                                }
                                else
                                {
                                    // The user is active, but not new
                                    usersWithStatus[usersWithStatus.FindIndex(u => u.ObjectId == user.ObjectId)] = new Models.User(user) { assignmentStatus = "Enabled" };
                                    updatedUserHistory[existingUserIndex] = new Models.User(user);
                                }
                            }
                        }
                    }
                }

                // Get the users assigned to the app second
                foreach (IAppRoleAssignment assignment in assignments)
                {
                    if (assignment.PrincipalType == "User")
                    {
                        int existingUserIndex = userHistory.FindIndex(u => u.ObjectId == assignment.PrincipalId.ToString());
                        int assignedUserIndex = usersWithStatus.FindIndex(u => u.ObjectId == assignment.PrincipalId.ToString());

                        // If we haven't seen the user before, add it
                        if (existingUserIndex == -1 &&  assignedUserIndex == -1)
                        {
                            User user = (User)await graphClient.Users.GetByObjectId(assignment.PrincipalId.ToString()).ExecuteAsync();
                            usersWithStatus.Add(new Models.User(user) { assignmentStatus = "New" });
                            updatedUserHistory.Add(new Models.User(user));
                        }

                        // If we have seen the user before but didn't already update his data as part of group assignment, update the user data.
                        else if (existingUserIndex >= 0 && string.IsNullOrEmpty(usersWithStatus[assignedUserIndex].assignmentStatus))
                        {
                            User user = (User)await graphClient.Users.GetByObjectId(assignment.PrincipalId.ToString()).ExecuteAsync();
                            usersWithStatus[usersWithStatus.FindIndex(u => u.ObjectId == user.ObjectId)] = new Models.User(user) { assignmentStatus = "Enabled" };
                            updatedUserHistory[existingUserIndex] = new Models.User(user);
                        }
                    }
                }

                UsersDbHelper.SaveUsersForTenant(tenantId, updatedUserHistory);
                return usersWithStatus;
            }
            catch (AdalException ex)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }
        }
        public static async Task <IUser[]> GetGroupMembersAsync(this GraphService service, IGroupFetcher groupFetcher)
        {
            var collection = await groupFetcher.members.ExecuteAsync();

            return((await collection.GetAllAsnyc())
                   .OfType <IUser>().ToArray());
        }
 public static async Task<IUser[]> GetGroupMembersAsync(this GraphService service, IGroupFetcher groupFetcher)
 {
     var collection = await groupFetcher.members.ExecuteAsync();
     return (await collection.GetAllAsnyc())
         .OfType<IUser>().ToArray();
 }