Observação
O acesso a essa página exige autorização. Você pode tentar entrar ou alterar diretórios.
O acesso a essa página exige autorização. Você pode tentar alterar os diretórios.
概述
Microsoft Entra ID中的批量操作使你能够同时对多个实体(例如用户、组和设备)执行操作。 这些操作可能包括在单个操作中创建、删除或更新多个记录。 批量操作可以大大简化管理任务并提高效率。
Microsoft Entra管理门户中的批量操作可能会在大型租户上超时并失败。 此限制是一个由缩放限制导致的已知问题。
小窍门
现在可在预览版中体验新的批量操作功能,它提供了增强的性能,并消除了大型用户的扩展性限制。
注意
执行批量操作(如导入或创建)时,如果批量操作在一小时内未完成,可能会遇到问题。 若要解决此问题,请拆分每个批处理处理的记录数。 例如,在开始导出之前,可以通过筛选组类型或用户名来限制结果集,以减少结果的大小。 通过优化筛选器,实质上是限制批量操作返回的数据。
批量操作解决方案
此问题的解决方法是使用 PowerShell 进行直接Microsoft Graph API调用。 对于批量用户和组下载失败,我们建议使用 PowerShell cmdlet GET-MgGroup -All 和 GET-MgUser -All。
以下 PowerShell 代码示例适用于与以下场景相关的批量操作:
用户
以下部分介绍用户批量操作的限制。
下载所有用户
# Import the Microsoft Graph module
Import-Module Microsoft.Graph
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "User.Read.All"
# Get all users using Get-MgUser
$users = Get-MgUser -All -ConsistencyLevel eventual -Property Id, DisplayName, UserPrincipalName,UserType,OnPremisesSyncEnabled,CompanyName,CreationType
# Specify the output CSV file path
$outputCsvPath = "C:\\Users\\YourUsername\\Documents\\Users.csv"
# Create a custom object to store user data
$userData = @()
# Loop through each user and collect relevant data
foreach ($user in $users) {
$userObject = [PSCustomObject]@{
Id = $user.Id
DisplayName = $user.DisplayName
UserPrincipalName = $user.UserPrincipalName
UserType = $user.UserType
OnPremisesSyncEnabled = $user.OnPremisesSyncEnabled
CompanyName = $user.CompanyName
CreationType = $user.CreationType
}
$userData += $userObject
}
# Export user data to a CSV file
$userData | Export-Csv -Path $outputCsvPath -NoTypeInformation
# Disconnect from Microsoft Graph
Disconnect-MgGraph
Write-Host "User data exported to $outputCsvPath"
创建用户
# Import the Microsoft Graph module
Import-Module Microsoft.Graph
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "User.ReadWrite.All"
# Specify the path to the CSV file containing user data
$csvFilePath = "C:\\Path\\To\\Your\\Users.csv"
# Read the CSV file (adjust the column names as needed)
$usersData = Import-Csv -Path $csvFilePath
# Loop through each row in the CSV and create users \
foreach ($userRow in $usersData) {
$userParams = @{
DisplayName = $userRow.'Name [displayName] Required'
UserPrincipalName = $userRow.'User name [userPrincipalName] Required'
PasswordProfile = @{
Password = $userRow.'Initial password [passwordProfile] Required'
}
AccountEnabled = $true
MailNickName = $userRow.mailNickName
}
try {
New-MgUser @userParams
Write-Host "User $($userRow.UserPrincipalName) created successfully."
} catch {
Write-Host "Error creating user $($userRow.UserPrincipalName): $($_.Exception.Message)"
}
}
# Disconnect from Microsoft Graph
Disconnect-MgGraph
Write-Host "Bulk user creation completed."
注意
确保 CSV 文件包含必要的列(例如,DisplayNameUserPrincipalName)。 此外,请调整脚本以匹配 CSV 文件中的实际列名。
删除用户
# Import the Microsoft Graph module
Import-Module Microsoft.Graph
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "User.ReadWrite.All"
# Specify the path to the CSV file containing user data
$csvFilePath = "C:\\Path\\To\\Your\\Users.csv"
# Read the CSV file (adjust the column names as needed)
$usersData = Import-Csv -Path $csvFilePath
# Loop through each row in the CSV and delete users
foreach ($userRow in $usersData) {
try {
Remove-MgUser -UserId $userRow.UserPrincipalName -Confirm:$false
Write-Host "User $($userRow.UserPrincipalName) deleted successfully."
} catch {
Write-Host "Error deleting user $($userRow.UserPrincipalName): $($_.Exception.Message)"
}
}
# Disconnect from Microsoft Graph
Disconnect-MgGraph
Write-Host "Bulk user deletion completed."
注意
请确保 CSV 文件包含必要的列(例如 UserPrincipalName)。 此外,请调整脚本以匹配 CSV 文件中的实际列名。
群组
以下部分介绍组批量操作的限制。
批量下载所有组
Import-Module Microsoft.Graph.Groups
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "Group.Read.All"
# Get the group members
$groups = Get-MgGroup -All | Select displayName, Id, groupTypes,mail
# Create a custom object to store group data
$groupData = @()
# Loop through each group and collect relevant data
foreach ($group in $groups) {
if ($group.groupTypes -contains "Unified"){$groupType = "Microsoft 365"}
else {$groupType = "Security"}
if ($group.groupTypes -contains "DynamicMembership"){$membershipType = "Dynamic"}
else {$membershipType = "Assigned"}
$groupObject = [PSCustomObject]@{
Id = $group.Id
DisplayName = $group.displayName
Mail = $group.mail
GroupType = $groupType
MembershipType = $membershipType
}
$groupData += $groupObject
}
# Specify the output CSV file path
$outputCsvPath = "C:\\Users\\<YourUsername>\\Documents\\Groups.csv"
$groupData| Export-Csv -Path $outputCsvPath -NoTypeInformation
Write-Host "Group members exported to $outputCsvPath"
批量下载群组成员
Import-Module Microsoft.Graph.Groups
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "Group.Read.All,GroupMember.Read.All"
# Set the group ID of the group whose members you want to download
$groupId = "your_group_id"
# Get the group members
$members = Get-MgGroupMember -GroupId $groupId -All | select * -ExpandProperty additionalProperties | Select-Object @(
'id'
@{ Name = 'userPrincipalName'
Expression = { $_.AdditionalProperties["userPrincipalName"] }
}
@{ Name = 'displayName'
Expression = { $_.AdditionalProperties["displayName"] }
}
)
# Specify the output CSV file path
$outputCsvPath = "C:\\Users\\YourUserName\\Documents\\GroupMembers.csv"
$members| Export-Csv -Path $outputCsvPath -NoTypeInformation
# Disconnect from Microsoft Graph
Disconnect-MgGraph
Write-Host "Group members exported to $outputCsvPath"
批量添加成员
Import-Module Microsoft.Graph.Groups
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "GroupMember.ReadWrite.All"
# Import the CSV file
$members = Import-Csv -Path "C:\path\to\your\file.csv"
# Define the Group ID
$groupId = "your-group-id"
# Iterate over each member and add them to the group
foreach ($member in $members) {
try{
New-MgGroupMember -GroupId $groupId -DirectoryObjectId $member.memberObjectId
Write-Host "Added $($member.memberObjectId) to the group."
}
Catch{
Write-Host "Error adding member $($member.memberObjectId):$($_.Exception.Message)"
}
}
# Disconnect from Microsoft Graph
Disconnect-MgGraph
批量删除成员
Import-Module Microsoft.Graph.Groups
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "GroupMember.ReadWrite.All"
# Import the CSV file
$members = Import-Csv -Path "C:\path\to\your\file.csv"
# Define the Group ID
$groupId = "your-group-id"
# Iterate over each member and remove them from the group
foreach ($member in $members) {
try{
Remove-MgGroupMemberByRef -GroupId $groupId -DirectoryObjectId $member.memberObjectId \
Write-Host "Removed $($member.memberObjectId) from the group."
}
Catch{
Write-Host "Error removing member $($member.memberObjectId):$($_.Exception.Message)"
}
}
# Disconnect from Microsoft Graph
Disconnect-MgGraph
设备
以下部分介绍设备批量操作的限制。
批量下载所有设备
Import-Module Microsoft.Graph
# Authenticate to Microsoft Graph (you may need to provide your credentials)
Connect-MgGraph -Environment China -ClientId 'YOUR_CLIENT_ID' -TenantId 'YOUR_TENANT_ID' -Scopes "Device.Read.All"
# Get all devices
$devices = Get-MgDevice -All |select displayName,deviceId,operatingSystem,operatingSystemVersion,isManaged,isCompliant,mdmAppId,registeredOwners,TrustType
# Specify the output CSV file path
$outputCsvPath = "C:\\Users\\YourUserName\\Documents\\Devices.csv"
$devices| Export-Csv -Path $outputCsvPath -NoTypeInformation
Write-Host "Devices exported to $outputCsvPath"