如何在Azure Active Directory B2C中添加具有本地名称的用户? [英] How do you add a user with a local name in Azure Active Directory B2C?

问题描述

我已经启动并运行了Azure Active Directory B2C，并且可以使用在AD中创建的@ .onmicrosoft.com形式的用户登录.因此，例如 john.smith@myorganization.onmicrosoft.com ，就可以正常工作.但是这些用户名对于外部使用是不可接受的.我还可以使用基本的Microsoft帐户登录名，因此，名称为 john.smith@comcast.net 的用户将可以通过Microsoft目录重定向来工作.

I've got an Azure Active Directory B2C up and running and can sign in with users created in the AD that have the form of @.onmicrosoft.com.  So, for example, john.smith@myorganization.onmicrosoft.com, works just fine.  But these user names are unacceptable for external use.  I've also got basic Microsoft Account logins working, so a user with the name of john.smith@comcast.net will work by redirecting through the Microsoft directory.

但是我想允许任意电子邮件登录.使用Azure门户，如何添加用户并为他们提供登录名 john.smith@somecompany.com ?该文档和常见问题解答表明有可能，但是添加用户时我无法在Azure门户中找到该选项.我想念什么?

But I want to allow arbitrary emails for logins.  Using the Azure Portal, how do I add a user and give them a login id of john.smith@somecompany.com?  The document and FAQ indicate that it's possible, but I can't find the option in the Azure portal when I add a user.  What am I missing?

推荐答案

Azure AD B2C用户不应通过Users&分组刀片.

虽然此刀片可从Azure AD B2C编辑设置刀片中获得，但目前打算用于管理常规(公司/企业)Azure AD的用户.从技术上讲，可以通过此刀片创建/添加用户，但最终会出现不希望的/意外的行为，如您所观察到的，使用@ tenantname.onmicrosoft.com创建用户或通过Azure将其创建为来宾的用户AD B2B协作功能最终无法登录到您的Azure AD B2C集成应用程序.

This blade, while available from the Azure AD B2C Edit Settings blade, is meant at this time to be used to manage users for regular (corporate/enterprise) Azure AD. While it is technically possible to create/add users via this blade, you'll end up with undesired/unexpected behavior such as, as you observed, users being created with @tenantname.onmicrosoft.com or having them created as Guests via the Azure AD B2B Collaboration feature that ultimately can't sign in to your Azure AD B2C integrated applications.

在Azure AD B2C的上下文中，您仅应使用此刀片来浏览租户中的用户，始终以只读模式浏览.

In the context of Azure AD B2C, you should only use this blade to browse the users in the tenant, always in read only mode.

要创建Azure AD B2C用户，您应该:

To create Azure AD B2C users, you should either:

• 让用户通过注册"或统一的注册/登录"政策自行注册.
• 通过Graph API以编程方式预先创建用户.对于这种方法，请查看此示例，其中包含一个用于创建用户并显示其背后代码的CLI.

• Have the users sign-up by themselves via the Sign-up or unified Sign-up/Sign-in policy.
• Programatically pre-create the users via the Graph API. For this approach check out this sample which contains a CLI to create users and showcases the code behind it.

这篇关于如何在Azure Active Directory B2C中添加具有本地名称的用户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！