英文:
Cannot find type [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] Error
问题
我尝试为我在租户中创建的应用程序注册添加额外的声明映射。
$app = Get-AzureADApplication -ObjectId <obj-id>
$policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy
$policy.InputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.InputClaim).Type("email")
)
$policy.OutputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.OutputClaim).Type("t24user")
)
$policy.ClaimMappings = @(
(New-Object Microsoft.Open.AzureAD.Model.ClaimMapping).InputClaimType("email").OutputClaimType("t24user").TransformationMethod("ExtractPrefixFromEmail")
)
当我运行第2行时,我收到以下错误消息:
$policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy
New-Object : 无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy]:请验证包含此类型的程序集是否已加载。
At line:1 char:11
+ $policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMap ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidType: (:) [New-Object], PSArgumentException
+ FullyQualifiedErrorId : TypeNotFound,Microsoft.PowerShell.Commands.NewObjectCommand
我尝试重新安装 AzureAD 模块,并尝试安装 AzureADPreivew 模块,但没有帮助。感谢在这里提供帮助。
英文:
Im trying to add additional claim mapping to an app registration, Ive created in my tenant.
$app = Get-AzureADApplication -ObjectId <obj-id>
$policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy
$policy.InputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.InputClaim).Type("email")
)
$policy.OutputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.OutputClaim).Type("t24user")
)
$policy.ClaimMappings = @(
(New-Object Microsoft.Open.AzureAD.Model.ClaimMapping).InputClaimType("email").OutputClaimType("t24user").TransformationMethod("ExtractPrefixFromEmail")
)
Im getting the following error when I run this on line 2
$policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy
At line:1 char:11
+ $policy = New-Object -TypeName Microsoft.Open.AzureAD.Model.ClaimsMap ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidType: (:) [New-Object], PSArgumentException
+ FullyQualifiedErrorId : TypeNotFound,Microsoft.PowerShell.Commands.NewObjectCommand
I tried to re-install AzureAD module and also tried with installing AzureADPreivew Module also. But it was not helping. Appreciate help here.
答案1
得分: 1
以下是您要求的翻译部分:
I tried to reproduce the same in my environment and got below results:
When I ran same PowerShell script as you, I got same error like below:
$app = Get-AzureADApplication -ObjectId <obj-id>
$policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy
$policy.InputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.InputClaim).Type("email")
)
$policy.OutputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.OutputClaim).Type("t24user")
)
$policy.ClaimMappings = @(
(New-Object Microsoft.Open.AzureAD.Model.ClaimMapping).InputClaimType("email").OutputClaimType("t24user").TransformationMethod("ExtractPrefixFromEmail")
)
Response:
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/h0zF4.png)
Alternatively, you can make use of New-AzureADPolicy command that requires AzureADPreview module.
To install that module, you need to uninstall AzureAD module like below:
Disconnect-AzureAD
Uninstall-Module AzureAD
Install-Module AzureADPreview
Connect-AzureAD
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/D3iye.png)
Now run below Powershell command to create claim mapping policy:
New-AzureADPolicy -Definition @('
{
"ClaimsMappingPolicy":
{
"Version":1,"IncludeBasicClaimSet":"true",
"ClaimsSchema": [{"Source":"user","ID":"extensionattribute1","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/t24user","JwtClaimType":"t24user"}]
}
}') -DisplayName "t24userclaimPolicy" -Type "ClaimsMappingPolicy"
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/Y5ucW.png)
Note the ID of the policy from above response and assign it to your service principal using below command:
Add-AzureADServicePrincipalPolicy -Id serviceprincipal_ObjectID -RefObjectId policy_ID
To confirm whether the policy is assigned or not, you can run below command:
Get-AzureADServicePrincipalPolicy -Id serviceprincipal_ObjectID
Response:
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/nBtWT.png)
I assigned value to above claim by running this Graph query:
PATCH https://graph.microsoft.com/v1.0/me
{
"onPremisesExtensionAttributes":
{
"extensionAttribute1": "sri_mail"
}
}
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/fTuJe.png)
Make sure to set "acceptMappedClaims": true in App's Manifest like below:
Go to Azure Portal -> Azure Active Directory -> App registrations -> Your App -> Manifest
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/QN0Ua.png)
Now, I generated token for above application and got claim successfully after decoding it in jwt.ms website like below:
![无法找到类型 [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] 错误。](https://i.stack.imgur.com/CjuXE.png)
英文:
I tried to reproduce the same in my environment and got below results:
When I ran same PowerShell script as you, I got same error like below:
$app = Get-AzureADApplication -ObjectId <obj-id>
$policy = New-Object Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy
$policy.InputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.InputClaim).Type("email")
)
$policy.OutputClaims = @(
(New-Object Microsoft.Open.AzureAD.Model.OutputClaim).Type("t24user")
)
$policy.ClaimMappings = @(
(New-Object Microsoft.Open.AzureAD.Model.ClaimMapping).InputClaimType("email").OutputClaimType("t24user").TransformationMethod("ExtractPrefixFromEmail")
)
Response:
Alternatively, you can make use of New-AzureADPolicy command that requires AzureADPreview module.
To install that module, you need to uninstall AzureAD module like below:
Disconnect-AzureAD
Uninstall-Module AzureAD
Install-Module AzureADPreview
Connect-AzureAD
Now run below Powershell command to create claim mapping policy:
New-AzureADPolicy -Definition @('
{
"ClaimsMappingPolicy":
{
"Version":1,"IncludeBasicClaimSet":"true",
"ClaimsSchema": [{"Source":"user","ID":"extensionattribute1","SamlClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/t24user","JwtClaimType":"t24user"}]
}
}') -DisplayName "t24userclaimPolicy" -Type "ClaimsMappingPolicy"
Note the ID of the policy from above response and assign it to your service principal using below command:
Add-AzureADServicePrincipalPolicy -Id serviceprincipal_ObjectID -RefObjectId policy_ID
To confirm whether the policy is assigned or not, you can run below command:
Get-AzureADServicePrincipalPolicy -Id serviceprincipal_ObjectID
Response:
I assigned value to above claim by running this Graph query:
PATCH https://graph.microsoft.com/v1.0/me
{
"onPremisesExtensionAttributes":
{
"extensionAttribute1": "sri_mail"
}
}
Make sure to set "acceptMappedClaims": true in App's Manifest like below:
Go to Azure Portal -> Azure Active Directory -> App registrations -> Your App -> Manifest
Now, I generated token for above application and got claim successfully after decoding it in jwt.ms website like below:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论