AD用户从UPN迁移到B2C本地帐户 [英] AD user migration from UPN to B2C Local account

问题描述

按照此处发布的建议继续https://github.com/MicrosoftDocs/azure-docs/issues/22778。 br />


场景：我们有一个使用ADAL进行AD身份验证的Web应用程序和使用UserPrincipalName创建的用户登录  （username@domainname.microsoft.com）。 



我正在努力将我们的应用程序迁移到使用用户名的B2C本地帐户。我尝试使用本文档中提到的B2CGraphAPI updateuser（https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet）。
它给出错误，但没有错误细节。 



由于应用程序已经投入生产，我们不想创建新的登录对于现有用户并通过密码重置。我们如何将现有的UPN用户转换为本地帐户？



请求：



c：\> ; B2C更新用户...... \ usertemplate-username.json



usertemplate-username.json

{

" signInNames"：[

{

" type"：" userName"，&b $ b" value" ;：" converteduser1234"

}

]，

" creationType"：" LocalAccount"

}


结果：

错误调用图表API：

{

" odata.error" ;: {
$
" code"：" Request_BadRequest"，&b $ b" message"：{

" lang"：" en"，
$
" value"："处理写入请求时发生错误。"

}，

"requestId"：" 4578bc27-1611-4ba0-a740-7742ced632f7"，$
" date"：" 2019-01-18T09：34：53"

}

}



谢谢

解决方案

我认为没有创建新的本地用户就可以做到这一点。您将无法从UPN域帐户保留相同的个人资料。

https://superuser.com/questions/906705/how-to-turn-windows-domain-帐户到一个本地账户

Hi,

In continuation to https://github.com/MicrosoftDocs/azure-docs/issues/22778 as per the recommendation posting it here.

Scenario: We have a web application using AD authentication using ADAL and the users created with UserPrincipalName as login  (username@domainname.microsoft.com). 

I am working on migrating our application to use B2C local account with username. I tried using B2CGraphAPI updateuser as mentioned in this documentation (https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet). It gives error, but no details of error. 

As the application is already in production, we don't want to create the new login for existing users and go thru password reset. How do we convert the existing UPN users to Local Account?

Request:

c:\>B2C Update-User ......\usertemplate-username.json

usertemplate-username.json
{
"signInNames": [
{
"type": "userName",
"value": "converteduser1234"
}
],
"creationType": "LocalAccount"
}

Result:
Error Calling the Graph API:
{
"odata.error": {
"code": "Request_BadRequest",
"message": {
"lang": "en",
"value": "An error occurred while processing the write request."
},
"requestId": "4578bc27-1611-4ba0-a740-7742ced632f7",
"date": "2019-01-18T09:34:53"
}
}

Thank you

解决方案

I don't think it's possible to do this without creating a new local user. You wouldn't be able to keep the same profile from the UPN domain account.

https://superuser.com/questions/906705/how-to-turn-windows-domain-account-to-a-local-account

这篇关于AD用户从UPN迁移到B2C本地帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！