我正在努力寻找一种将 AAD 安全组添加为 SPO 网站集中的域组的方法,例如:贡献权利。
想要跳过所有默认的 SharePoint 安全组。 使用 UI,这似乎完全有可能。
找不到合适的 PNP 突击队,ChatGPT 也没那么有用 ;-)
您可以创建一个空的 SharePoint 组并将 AD 组添加到 SharePoint 组,然后使用 PowerShell。
#Variables for Admin Center & Site Collection URL
$AdminCenterURL = "https://crescent-admin.sharepoint.com/"
$SiteURL = "https://crescent.sharepoint.com/sites/marketing"
$SPGroupName="Sales Portal Members"
$ADGroupName = "Marketing Managers"
#Connect to SharePoint Online
Connect-SPOService -url $AdminCenterURL -Credential (Get-Credential)
#sharepoint online powershell add group to site
New-SPOSiteGroup -Site $SiteURL -Group $SPGroupName -PermissionLevels "Edit"
Function Add-ADGroupToSP($SiteURL,$ADGroupName,$SPGroupName)
{
#Setup Credentials to connect
$Cred = Get-Credential
$Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($Cred.UserName,$Cred.Password)
Try {
#Setup the context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Ctx.Credentials = $Cred
#Get the Web and SharePoint Group
$Web = $Ctx.Web
$Group= $Web.SiteGroups.GetByName($SPGroupName)
#Resolve the AD Security Group
$ADGroup = $web.EnsureUser($ADGroupName)
#sharepoint online powershell add AD group to sharepoint group
$Result = $Group.Users.AddUser($ADGroup)
$Ctx.Load($Result)
$Ctx.ExecuteQuery()
write-host -f Green "Active Directory Group '$ADGroupName' has been added to '$SPGroupName'"
}
Catch {
write-host -f Red "Error:" $_.Exception.Message
}
}
Add-ADGroupToSP -SiteURL $SiteURL -ADGroupName $ADGroupName -SPGroupName $SPGroupName
如果有人还在寻找这个 或供将来参考。我想我已经找到办法了。
$Teamsite = "https://xxx.sharepoint.com/sites/xxx"
$DomainGroup = "c:0t.c|tenant|Azure AD SG ID"
$PermissionLevel = "Contribute"
Connect-pnponline $teamsite -interactive
Set-PnPWebPermission -User $DomainGroup -AddRole $PermissionLevel -Identity "/"