
Commit ac9cabf

author
Kalyan Krishna
committed
Minor edits to readme and a good run from the updated codegen branch
1 parent 013bb94 commit ac9cabf


5 files changed

+243
-58
lines changed


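--- a/5-AccessControl/2-call-api-groups/AppCreationScripts/BulkCreateGroups.ps1
+++ b/5-AccessControl/2-call-api-groups/AppCreationScripts/BulkCreateGroups.ps1
@@ -62,8 +62,10 @@ Function CreateGroupsAndAssignUser($user)
 
 $val += 1;
 }
+
 }
 
+
 <#.Description
 This function signs in the user to the tenant using Graph SDK.
 Add the user object_id below to assign the user the groups
@@ -80,25 +82,65 @@ Function ConfigureApplications
 
 if ($tenantId -eq "")
 {
-Connect-MgGraph -Scopes "User.Read.All Group.ReadWrite.All GroupMember.ReadWrite.All" -Environment $azureEnvironmentName
-$tenantId = (Get-MgContext).TenantId
+Connect-MgGraph -Scopes "Organization.Read.All User.Read.All Group.ReadWrite.All GroupMember.ReadWrite.All" -Environment $azureEnvironmentName
 }
 else
 {
-Connect-MgGraph -TenantId $tenantId -Scopes "User.Read.All Group.ReadWrite.All GroupMember.ReadWrite.All" -Environment $azureEnvironmentName
+Connect-MgGraph -TenantId $tenantId -Scopes "Organization.Read.All User.Read.All Group.ReadWrite.All GroupMember.ReadWrite.All" -Environment $azureEnvironmentName
 }
 
+$context = Get-MgContext
+$tenantId = $context.TenantId
+
+# Get the user running the script
+$currentUserPrincipalName = $context.Account
+$user = Get-MgUser -Filter "UserPrincipalName eq '$($context.Account)'"
+
+# get the tenant we signed in to
+$Tenant = Get-MgOrganization
+$tenantName = $Tenant.DisplayName
+
+$verifiedDomain = $Tenant.VerifiedDomains | where {$_.Isdefault -eq $true}
+$verifiedDomainName = $verifiedDomain.Name
+$tenantId = $Tenant.Id
+
+Write-Host ("Connected to Tenant {0} ({1}) as account '{2}'. Domain is '{3}'" -f $Tenant.DisplayName, $Tenant.Id, $currentUserPrincipalName, $verifiedDomainName)
+
 # Add user object Id here
-$usersobjectId = Read-Host -Prompt "Enter the object Id (from Azure portal) of the user who will assigned to these security groups"
+$usersobjectId = Read-Host -Prompt "Enter the object Id (from Azure portal) of the user who will assigned to these security groups, or press enter to use the currently signed-in user's object Id - '$($user.Id)'"
 
-$user = Get-MgUser -UserId $usersobjectId
+if ($usersobjectId -eq '')
+{
+$usersobjectId = $user.Id
+}
+
+$userassigned = Get-MgUser -UserId $usersobjectId
 
 Write-Host 'Found user -'
-$user | Format-List ID, DisplayName, Mail, UserPrincipalName
+$userassigned | Format-List ID, DisplayName, Mail, UserPrincipalName
 
-CreateGroupsAndAssignUser -user $user
+CreateGroupsAndAssignUser -user $userassigned
 }
 
+# Pre-requisites
+if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph")) {
+Install-Module "Microsoft.Graph" -Scope CurrentUser
+}
+
+#Import-Module Microsoft.Graph
+
+if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Authentication")) {
+Install-Module "Microsoft.Graph.Authentication" -Scope CurrentUser
+}
+
+Import-Module Microsoft.Graph.Authentication
+
+if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Identity.DirectoryManagement")) {
+Install-Module "Microsoft.Graph.Identity.DirectoryManagement" -Scope CurrentUser
+}
+
+Import-Module Microsoft.Graph.Identity.DirectoryManagement
+
 if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Authentication"))
 {
 Install-Module "Microsoft.Graph.Authentication" -Scope CurrentUser
@@ -109,15 +151,15 @@ Import-Module Microsoft.Graph.Authentication
 
 if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Groups"))
 {
-Install-Module "Microsoft.Graph.Groups" -Scope CurrentUser
+Install-Module "Microsoft.Graph.Groups" -Scope CurrentUser
 Write-Host "Installed Microsoft.Graph.Groups module. If you are having issues, please create a new PowerShell session and try again."
 }
 
 Import-Module Microsoft.Graph.Groups
 
 if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Users"))
 {
-Install-Module "Microsoft.Graph.Users" -Scope CurrentUser
+Install-Module "Microsoft.Graph.Users" -Scope CurrentUser
 Write-Host "Installed Microsoft.Graph.Users module. If you are having issues, please create a new PowerShell session and try again."
 }
 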
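Review bot: In ConfigureApplications the new "press enter" path reads `$user.Id` without checking that the `Get-MgUser -Filter` lookup returned an object, so when `$context.Account` does not match any UserPrincipalName (plausible for guest sign-ins, where the stored UPN usually differs from the sign-in name) the prompt shows an empty id and an empty value is passed to `Get-MgUser -UserId`. Guard the default, e.g. `if ($usersobjectId -eq '') { if (-not $user) { throw "Signed-in account could not be resolved; enter an object Id" }; $usersobjectId = $user.Id }`. The account name is also interpolated into the OData filter unescaped, so a name containing an apostrophe breaks the query; `$($context.Account -replace "'", "''")` avoids that, and the same filter is added in BulkRemoveGroups.ps1 and Cleanup.ps1. The function starts above this hunk, so any earlier validation is not visible here.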

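--- a/5-AccessControl/2-call-api-groups/AppCreationScripts/BulkRemoveGroups.ps1
+++ b/5-AccessControl/2-call-api-groups/AppCreationScripts/BulkRemoveGroups.ps1
@@ -51,12 +51,14 @@ Function RemoveGroups
 else
 {
 Write-Host "Couldn't find group $($groupName) with ID: $($group.Id)"
-}
+}
+
 
 $val += 1;
 }
 }
 
+
 <#.Description
 This function signs in the user to the tenant using Graph SDK.
 #>
@@ -71,19 +73,36 @@ Function ConfigureApplications
 
 if ($tenantId -eq "")
 {
-Connect-MgGraph -Scopes "Group.ReadWrite.All" -Environment $azureEnvironmentName
-$tenantId = (Get-MgContext).TenantId
+Connect-MgGraph -Scopes "Organization.Read.All Group.ReadWrite.All" -Environment $azureEnvironmentName
 }
 else
 {
-Connect-MgGraph -TenantId $tenantId -Scopes "Group.ReadWrite.All" -Environment $azureEnvironmentName
+Connect-MgGraph -TenantId $tenantId -Scopes "Organization.Read.All Group.ReadWrite.All" -Environment $azureEnvironmentName
 }
+
+$context = Get-MgContext
+$tenantId = $context.TenantId
+
+# Get the user running the script
+$currentUserPrincipalName = $context.Account
+$user = Get-MgUser -Filter "UserPrincipalName eq '$currentUserPrincipalName'"
+
+# get the tenant we signed in to
+$Tenant = Get-MgOrganization
+$tenantName = $Tenant.DisplayName
+
+$verifiedDomain = $Tenant.VerifiedDomains | where {$_.Isdefault -eq $true}
+$verifiedDomainName = $verifiedDomain.Name
+$tenantId = $Tenant.Id
+
+Write-Host ("Connected to Tenant {0} ({1}) as account '{2}'. Domain is '{3}'" -f $Tenant.DisplayName, $Tenant.Id, $currentUserPrincipalName, $verifiedDomainName)
 
 # now remove groups
 RemoveGroups
 
 }
 
+
 $ErrorActionPreference = "Stop"
 
 if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Authentication"))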
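Review bot: The added `$user = Get-MgUser -Filter "UserPrincipalName eq '$currentUserPrincipalName'"` line in ConfigureApplications queries the users endpoint although this script requests only `Organization.Read.All Group.ReadWrite.All`, and `$user` is not read anywhere in the visible hunks. Unless a user-read scope was already consented for the same client, the call is likely to be rejected, and with `$ErrorActionPreference = "Stop"` set just below the function the script would abort before `RemoveGroups` runs. Dropping the lookup is the better fix, since it keeps the scope list of a deletion script minimal instead of widening it to print a name. Cleanup.ps1 adds the same lookup with no user scope in its `Connect-MgGraph` calls. The function begins outside this hunk.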

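--- a/5-AccessControl/2-call-api-groups/AppCreationScripts/Cleanup.ps1
+++ b/5-AccessControl/2-call-api-groups/AppCreationScripts/Cleanup.ps1
@@ -82,6 +82,20 @@ Function RemoveSecurityGroup([string] $name, [switch] $promptBeforeDelete)
 return $group.Id
 }
 
+<#.Description
+This function assigns a provided user to a security group
+#>
+Function AssignUserToGroup([Microsoft.Graph.PowerShell.Models.MicrosoftGraphUser]$userToAssign, [Microsoft.Graph.PowerShell.Models.MicrosoftGraphGroup]$groupToAssign)
+{
+$owneruserId = $userToAssign.Id
+$params = @{
+"@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/{$owneruserId}"
+}
+
+New-MgGroupMemberByRef -GroupId $groupToAssign.Id -BodyParameter $params
+Write-Host "Successfully assigned user '$($userToAssign.UserPrincipalName)' to group '$($groupToAssign.DisplayName)'"
+}
+
 Function Cleanup
 {
 if (!$azureEnvironmentName)
@@ -103,14 +117,30 @@ Function Cleanup
 
 if ($tenantId -eq "")
 {
-Connect-MgGraph -Scopes "Application.ReadWrite.All Group.ReadWrite.All" -Environment $azureEnvironmentName
-$tenantId = (Get-MgContext).TenantId
+Connect-MgGraph -Scopes "Organization.Read.All Application.ReadWrite.All Group.ReadWrite.All" -Environment $azureEnvironmentName
 }
 else
 {
-Connect-MgGraph -TenantId $tenantId -Scopes "Application.ReadWrite.All Group.ReadWrite.All" -Environment $azureEnvironmentName
+Connect-MgGraph -TenantId $tenantId -Scopes "Organization.Read.All Application.ReadWrite.All Group.ReadWrite.All" -Environment $azureEnvironmentName
 }
 
+$context = Get-MgContext
+$tenantId = $context.TenantId
+
+# Get the user running the script
+$currentUserPrincipalName = $context.Account
+$user = Get-MgUser -Filter "UserPrincipalName eq '$($context.Account)'"
+
+# get the tenant we signed in to
+$Tenant = Get-MgOrganization
+$tenantName = $Tenant.DisplayName
+
+$verifiedDomain = $Tenant.VerifiedDomains | where {$_.Isdefault -eq $true}
+$verifiedDomainName = $verifiedDomain.Name
+$tenantId = $Tenant.Id
+
+Write-Host ("Connected to Tenant {0} ({1}) as account '{2}'. Domain is '{3}'" -f $Tenant.DisplayName, $Tenant.Id, $currentUserPrincipalName, $verifiedDomainName)
+
 # Removes the applications
 Write-Host "Cleaning-up applications from tenant '$tenantId'"
 
@@ -158,6 +188,24 @@ Function Cleanup
 }
 
 # Pre-requisites
+if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph")) {
+Install-Module "Microsoft.Graph" -Scope CurrentUser
+}
+
+#Import-Module Microsoft.Graph
+
+if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Authentication")) {
+Install-Module "Microsoft.Graph.Authentication" -Scope CurrentUser
+}
+
+Import-Module Microsoft.Graph.Authentication
+
+if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Identity.DirectoryManagement")) {
+Install-Module "Microsoft.Graph.Identity.DirectoryManagement" -Scope CurrentUser
+}
+
+Import-Module Microsoft.Graph.Identity.DirectoryManagement
+
 if ($null -eq (Get-Module -ListAvailable -Name "Microsoft.Graph.Applications")) {
 Install-Module "Microsoft.Graph.Applications" -Scope CurrentUser
 }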
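Review bot: The new `AssignUserToGroup` hard-codes `https://graph.microsoft.com/v1.0/directoryObjects/` in the `@odata.id` reference although the script connects with `-Environment $azureEnvironmentName`, so in a national cloud the reference names a different Graph endpoint than the session. The `{$owneruserId}` form also expands to the id wrapped in literal braces, which looks like a copied documentation placeholder; build the URL from the connected environment's Graph endpoint (`Get-MgEnvironment` exposes it) and append `$($userToAssign.Id)` without braces. Nothing in the visible hunks calls the function, and adding a member may need a scope this script does not request, so if Cleanup never uses it the helper is better left out. A comment such as `# @odata.id must use the Graph endpoint of the connected cloud` above `$params` would record the constraint.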
