powershell - Graph API - 从预建脚本中添加带有员工 ID 的自定义列
问题描述
我正在使用 Microsoft 通过 Graph API 提供的 365 活动用户报告,但是它只缺少我需要的一件事——那就是employeeNumber。我们最近扩展了我们的模式,我可以像这样查询employeeNumber:
https://graph.microsoft.com/v1.0/users?$select=extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber
下面代码的输出为我提供了所有许可的、活跃的 365 用户以及他们的许可类型,但我想以某种方式还包括 employeeNumber 列。考虑到这是微软的罐头报告,我不确定这是否可能。
我是否只需使用 的结果构建一个报表对象$reports
,然后运行单独的查询以获取所有员工编号,并以某种方式插入该列?我想我可以通过使用来匹配它们userPrincipalName
。
# CHANGE THESE VALUES
$TenantID = 'tenantid' #The Directory ID from Azure AD
$ClientID = 'ClientID ' #The Application ID of the registered app
$ClientSecret = 'ClientSecret ' #The secret key of the registered app
# ------------------------------------------------------
# DO NOT CHANGE THESE
$body = @{grant_type="client_credentials";scope="https://graph.microsoft.com/.default";client_id=$ClientID;client_secret=$ClientSecret}
$oauth = Invoke-RestMethod -Method Post -Uri https://login.microsoftonline.com/$tenantID/oauth2/v2.0/token -Body $body
$token = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}
# ------------------------------------------------------
$graphApiUri = "https://graph.microsoft.com/v1.0/reports/getOffice365ActiveUserDetail(period='D90')"
$Reports = Invoke-RestMethod -Method Get -Uri $graphApiUri -Headers $token | ConvertFrom-Csv
$Reports | Export-Csv "c:\temp\GraphAPI365UsersReport.csv" -NoTypeInformation
更新了脚本,效果很好。
# Application (client) ID, Directory (tenant) ID, and secret
$clientID = "clientID"
$tenantID = "tenantID"
$ClientSecret = "ClientSecret"
$resource = "https://graph.microsoft.com/"
#Get token
Write-Output "Acquire Graph Token."
try {
$body = @{grant_type="client_credentials";scope="https://graph.microsoft.com/.default";client_id=$ClientID;client_secret=$ClientSecret}
$oauth = Invoke-RestMethod -Method Post -Uri https://login.microsoftonline.com/$tenantID/oauth2/v2.0/token -Body $body
$token = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}
}
catch {
Write-Output "Error getting Graph Token."
Write-Output $_.Exception.Message
EXIT
}
# ------------------------------------------------------
$graphApiUri = "https://graph.microsoft.com/v1.0/reports/getOffice365ActiveUserDetail(period='D90')"
$Uri = "https://graph.microsoft.com/v1.0/users?`$select=userPrincipalName,extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber"
$O365Report = Invoke-RestMethod -Method Get -Uri $graphApiUri -Headers $token | ConvertFrom-Csv
# If the result is more than 999, we need to read the @odata.nextLink to show more than one side of users
$UserDetails = while (-not [string]::IsNullOrEmpty($uri)) {
# API Call
$apiCall = try {
Invoke-RestMethod -Headers $token -Uri $uri -Method Get
}
catch {
$errorMessage = $_.ErrorDetails.Message | ConvertFrom-Json
}
$uri = $null
if ($apiCall) {
# Check if any data is left
$uri = $apiCall.'@odata.nextLink'
$apiCall
}
}
$O365Report | ForEach-Object {
$CurrentEmpNumber = $UserDetails.value |
Where-Object userPrincipalName -eq $_.'User Principal Name' |
Select-Object -ExpandProperty extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber
$_ | Add-Member -MemberType NoteProperty -Name extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber -Value $CurrentEmpNumber
}
$O365Report | Export-Csv "c:\temp\GraphAPI365UsersReport.csv" -NoTypeInformation
解决方案
不幸的是,这些报告确实非常静态,但获得您想要的信息应该不难。我没有你的扩展,但这样的东西应该可以工作:
$Reports = Invoke-RestMethod -Method Get -Uri $graphApiUri -Headers $token | ConvertFrom-Csv
$Uri = 'https://graph.microsoft.com/v1.0/users?$select=userPrincipalName,extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber'
$UserDetails = Invoke-RestMethod -Method Get -Uri $Uri -Headers $token
$Reports | ForEach-Object {
$CurrentEmpNumber = $UserDetails.value |
Where-Object userPrincipalName -eq $_.'User Principal Name' |
Select-Object -ExpandProperty extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber
$_ | Add-Member -MemberType NoteProperty -Name EmployeeNumber -Value $CurrentEmpNumber
}
$Reports | Export-Csv "c:\temp\GraphAPI365UsersReport.csv" -NoTypeInformation
在相关说明中,您为什么为此扩展架构?Azure AD 中已经有一个 EmployeeId 属性,因此extension_335d4df9847945fbaa472c8b8fbb5d75_employeeNumber
在上面的代码中可能只是employeeId
.
推荐阅读
- java - 插入或替换仅适用于数据库中的 1 行
- amazon-web-services - AWS Secrets Manager - 在本地 Codebuild 容器中使用密钥
- html - 不需要的滚动条问题
- python - 如何在python的write函数中加上引号
- vba - 用户表单引发的自定义事件不会将错误冒泡回原始调用过程
- python - 搜索后django Count显示不同的值
- java - 我如何将 customView 连接到主要活动
- postman-pre-request-script - pm.request.url.toString() 的值为 env var 而不是占位符
- python - 神经渲染器pytorch(setup.py)的构建轮...安装多人和神经网格渲染器不适用于pytorch 1.6
- google-maps-api-3 - 获取州级地点列表的最佳方式(google places api)