How to create AD nested groups using GraphServiceClient c#?

683 views Asked by At

Is it possible to create nested groups in Azure AD using Graph API client as:

enter image description here

1

There are 1 answers

0
unknown On BEST ANSWER

You could use AdditionalData to add members in the step of creating groups in C#.

The example creates a Security group with an owner and members specified. Note that a maximum of 20 relationships, such as owners and members, can be added as part of group creation.

IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
        .Create(clientId)
        .WithTenantId(tenantID)
        .WithClientSecret(clientSecret)
        .Build();

ClientCredentialProvider authProvider = new ClientCredentialProvider(confidentialClientApplication);
GraphServiceClient graphClient = new GraphServiceClient(authProvider);

// Create group B and add members(user-id1 and user-id2)
var additionalDataGroupB = new Dictionary<string, object>()
{
    {"[email protected]", new List<string>()}
};
(additionalData["[email protected]"] as List<string>).Add("https://graph.microsoft.com/v1.0/users/{id1}");
(additionalData["[email protected]"] as List<string>).Add("https://graph.microsoft.com/v1.0/users/{id2}");

var groupB = new Group
{
    Description = "Group B",
    DisplayName = "PamelaGroupB",
    GroupTypes = new List<String>()
    {
    },
    MailEnabled = false,
    MailNickname = "operations2019",
    SecurityEnabled = true,
    AdditionalData = additionalDataGroupB
};

Group groupBRequest = await graphClient.Groups.Request().AddAsync(groupB);
string groupB_id = groupBRequest.Id;

// Create group C
......
string groupC_id = groupCRequest.Id;


// Create group A and add members(groupB and groupC)
var additionalDataGroupA = new Dictionary<string, object>()
{
    {"[email protected]", new List<string>()}
};
(additionalData["[email protected]"] as List<string>).Add("https://graph.microsoft.com/v1.0/groups/" + groupB_id);
(additionalData["[email protected]"] as List<string>).Add("https://graph.microsoft.com/v1.0/groups/" + groupC_id);

var groupA = new Group
{
    Description = "Group A",
    DisplayName = "PamelaGroupA",
    GroupTypes = new List<String>()
    {
    },
    MailEnabled = false,
    MailNickname = "XXXXX",
    SecurityEnabled = true,
    AdditionalData = additionalDataGroupA
};

await graphClient.Groups.Request().AddAsync(groupA);