自动化企业应用程序权限 [英] Automate Enterprise Application Permissions

问题描述

嗨

有没有一种方法可以自动为企业应用程序提供权限?

Is there a way to automate permissions for an enterprise app?

我们所有的用户都在一个安全组中，但是我认为不支持嵌套组.

All of our users are in a security group, but i gather that nested groups are not supported.

向应用授予批量访问权并为新用户自动执行此操作的最佳方法是什么?

What is the best way to grant bulk access to an app, and automate this going forward for new users?

谢谢

Shane

推荐答案

您是正确的，尚不支持嵌套组

you are right that nested groups are not supported yet

请参阅: https: //docs.microsoft.com/zh-CN/azure/active-directory/users-groups-roles/groups-saasapps

是 ou可以为此投票并在此处查看更新:

You can vote for that and see updates here:

我想到的唯一方法是创建一个脚本，该脚本读取onPrem组，深入嵌套，然后将用户分配给属于该组成员(直接/间接)的应用程序.当然，脚本需要处理重复项. (用户认为 分为两组，两组都嵌套在一起.)

The only way that came to my mind is to create an script that reads the onPrem Groups, dive into the nesting and than assign the user to the apps who are member (direct/indirect) of that groups. Of course the script need to deal with duplicates. (Users that are in 2 groups and both groups nested into one.)

您可以为此使用Microsoft Graph或AAD PowerShell

You can leverage Microsoft Graph or AAD PowerShell for that

如果合适的脚本取决于用户/组的数量，则必须避免长时间运行该脚本.

If a script is suitable depends of the amount of users/groups you have to avoid long running times on that script.

/Peter

这篇关于自动化企业应用程序权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！