我的最终目标是使用 PowerShell 脚本创建应用保护并分配它。除了分配之外,一切都正常,因此我使用 Graph Explorer 来确定分配策略的正确语法。每个场景都失败,并显示“没有方法匹配路由模板”。权限已验证。策略和组 ID 已验证。欢迎任何帮助。
以下是带有分配的策略的响应预览。
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#deviceAppManagement/androidManagedAppProtections('{ID}')/assignments",
"value": [
{
"id": "cb16bf46-1479-45b2-8221-2f4c5cada212_incl",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
]
}
对于我想要分配的策略,GET 会检索正确的信息。目前没有分配。下面是一个例子。这是请求主体使用的每个语法的响应。尝试的不同选项在底部。
GET https://graph.microsoft.com/v1.0/deviceAppManagement/androidManagedAppProtections/{ID}/assignments/
Response Preview
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#deviceAppManagement/androidManagedAppProtections('T_3cf871f9-9a39-46da-b776-1c5b2c13da48')/assignments",
"@microsoft.graph.tips": "Use $select to choose only the properties your app needs, as this can lead to performance improvements. For example: GET deviceAppManagement/androidManagedAppProtections('<key>')/assignments?$select=target",
"value": []
}
POST https://graph.microsoft.com/v1.0/deviceAppManagement/androidManagedAppProtections/{ID}/assignments/
Request Body
{
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
Response Preview
{
"error": {
"code": "No method match route template",
"message": "No OData route exists that match template ~/singleton/navigation/key/navigation with http verb POST for request /MAMAdmin_2412/MAMAdminFEService/deviceAppManagement/androidManagedAppProtections('{ID}')/assignments.",
"innerError": {
"date": "{DATE}",
"request-id": "{ID}",
"client-request-id": "{ID}"
}
}
}
请求机构迄今已尝试过此。
#1
{
"assignments": [
{
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
]
}
#2
{
"assignments": [
{
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"target": {
"groupId": "{ID}"
}
}
]
}
#3
{
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
#4
{
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"target": {
"groupId": "{ID}"
}
}
#5
{
"@odata.type": "#microsoft.graph.targetedManagedAppPolicyAssignment",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
#6
{
"assignments": [
{
"@odata.type": "#microsoft.graph.targetedManagedAppPolicyAssignment",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
]
}
#7
{
"assignments": [
{
"@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentTarget",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
]
}
#8
{
"@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentTarget",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
#9
{
"value": [
{
"@odata.type": "#microsoft.graph.deviceAndAppManagementAssignmentTarget",
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
]
}
#10
{
"value": [
{
"target": {
"@odata.type": "#microsoft.graph.groupAssignmentTarget",
"groupId": "{ID}"
}
}
]
}
用于向应用保护策略添加分配的端点 URL 是:
请注意 URL 末尾的区别:/assign,而不是 /assignment。