您现在访问的是微软AZURE全球版技术文档网站,若需要访问由世纪互联运营的MICROSOFT AZURE中国区技术文档网站,请访问 https://docs.azure.cn.

快速入门:使用 PowerShell 添加来宾用户Quickstart: Add a guest user with PowerShell

有很多种方法可用于邀请外部合作伙伴通过 Azure Active Directory B2B 协作访问你的应用和服务。There are many ways you can invite external partners to your apps and services with Azure Active Directory B2B collaboration. 在上个快速入门中,你已了解如何在 Azure Active Directory 管理门户中直接添加来宾用户。In the previous quickstart, you saw how to add guest users directly in the Azure Active Directory admin portal. 此外还可以使用 PowerShell 添加来宾用户,可以选择一次添加一个,也可以选择批量添加。You can also use PowerShell to add guest users, either one at a time or in bulk. 在本快速入门中,你将使用 New-AzureADMSInvitation 命令将一个来宾用户添加到 Azure 租户。In this quickstart, you’ll use the New-AzureADMSInvitation command to add one guest user to your Azure tenant.

如果还没有 Azure 订阅,可以在开始前创建一个免费帐户If you don’t have an Azure subscription, create a free account before you begin.

必备条件Prerequisites

PowerShell 模块PowerShell Module

安装适用于 Graph 的 AzureAD V2 PowerShell 模块 (AzureAD) 或适用于 Graph 的 AzureAD V2 PowerShell 模块预览版 (AzureADPreview)。Install the Azure AD V2 PowerShell for Graph module (AzureAD) or the Azure AD V2 PowerShell for Graph module preview version (AzureADPreview).

获取测试电子邮件帐户Get a test email account

需要可向其发送邀请的测试电子邮件帐户。You need a test email account that you can send the invitation to. 这些帐户必须来自组织外部。The account must be from outside your organization. 可使用任意类型的帐户,包括 gmail.com 或 outlook.com 地址等社交帐户。You can use any type of account, including a social account such as a gmail.com or outlook.com address.

登录租户Sign in to your tenant

运行以下命令以连接到租户域:Run the following command to connect to the tenant domain:

Connect-AzureAD -TenantDomain "<Tenant_Domain_Name>"

例如,Connect-AzureAD -TenantDomain "contoso.onmicrosoft.com"For example, Connect-AzureAD -TenantDomain "contoso.onmicrosoft.com".

在系统提示时输入凭据。When prompted, enter your credentials.

发送邀请Send an invitation

  1. 要向测试电子邮件帐户发送邀请,请运行以下 PowerShell 命令(将“Sanda”和“sanda@fabrikam.com”替换为你的测试电子邮件帐户名和电子邮件地址) :To send an invitation to your test email account, run the following PowerShell command (replace "Sanda" and sanda@fabrikam.com with your test email account name and email address):

    New-AzureADMSInvitation -InvitedUserDisplayName "Sanda" -InvitedUserEmailAddress sanda@fabrikam.com -InviteRedirectURL https://myapps.microsoft.com -SendInvitationMessage $true
    
  2. 该命令向指定的电子邮件地址发送邀请。The command sends an invitation to the email address specified. 查看输出,输出应如下所示:Check the output, which should look similar to the following:

    显示“等待用户接受”的 PowerShell 输出

验证用户是否存在于目录中Verify the user exists in the directory

  1. 要验证邀请的用户是否已添加到 Azure AD,请运行以下命令:To verify that the invited user was added to Azure AD, run the following command:

    Get-AzureADUser -Filter "UserType eq 'Guest'"
    
  2. 查看输出,确保已列出受邀用户,其中用户主体名称 (UPN) 采用 emailaddress#EXT#@domain 的格式 。Check the output to make sure the user you invited is listed, with a user principal name (UPN) in the format emailaddress#EXT#@domain. 例如,sanda_fabrikam.com#EXT#@contoso.onmicrosoft.com,其中 contoso.onmicrosoft.com 是你从其发送邀请的组织。For example, sanda_fabrikam.com#EXT#@contoso.onmicrosoft.com, where contoso.onmicrosoft.com is the organization from which you sent the invitations.

    显示已添加的来宾用户的 PowerShell 输出

清理资源Clean up resources

目录中不再需要测试用户帐户时,请将其删除。When no longer needed, you can delete the test user account in the directory. 运行以下命令来删除用户帐户:Run the following command to delete a user account:

 Remove-AzureADUser -ObjectId "<UPN>"

例如: Remove-AzureADUser -ObjectId "sanda_fabrikam.com#EXT#@contoso.onmicrosoft.com"For example: Remove-AzureADUser -ObjectId "sanda_fabrikam.com#EXT#@contoso.onmicrosoft.com"

后续步骤Next steps

在本快速入门中,你已邀请一个来宾用户并使用 PowerShell 将其添加到目录。In this quickstart, you invited and added a single guest user to your directory using PowerShell. 接下来,了解如何使用 PowerShell 批量邀请来宾用户。Next, learn how to invite guest users in bulk using PowerShell.