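def _findPortalGroup(title):
    """Return the portal group to use for *title*, preferring an exact title match.

    The lookup goes through ``gis.groups.search(title)``. The argument is
    passed as a search query, so the first hit is not necessarily the group
    whose title equals *title* (NOTE(review): confirm the query semantics of
    the installed arcgis version). Because the caller grants membership of
    administrator groups, an exact title match is preferred, and any fallback
    to the first hit is logged with the title that was actually resolved.

    Raises:
        IndexError: if the search returns no group at all. The exception type
            matches what an unguarded ``[0]`` on an empty result would raise.
    """
    matches = gis.groups.search(title)
    if not matches:
        raise IndexError("No portal group found for '{}'".format(title))
    for candidate in matches:
        if getattr(candidate, "title", None) == title:
            return candidate
    fallback = matches[0]
    message = "\tWARNING: no group titled exactly '{}'; using first search hit '{}'".format(
        title, getattr(fallback, "title", None))
    logging.warning(message)
    print(message)
    return fallback


def addUsersToArcGisPortalGroups():
    """Create missing admin accounts in the portal and add them to the admin groups.

    Reads the module-level ``gis`` connection, ``adminsToADD`` (the ids to
    process) and ``adminusersDict`` (per-id records with ``NAME`` and ``UID``).
    For every id in ``adminsToADD`` it creates an enterprise account with the
    ``account_admin`` role when the id is not yet a portal user, then makes
    sure the account is a member of each admin group. Group membership is
    applied to newly created and pre-existing users alike. Every progress
    message goes to both ``logging.debug`` and stdout, except the "already a
    member of ... built-in group" message, which is logged only.

    NOTE(review): this function grants the highest portal role, so
    ``adminsToADD`` is effectively the authorization source. Account creation
    and group grants are logged at DEBUG only; confirm the logging
    configuration retains them for audit.

    Raises:
        IndexError: if one of the admin groups cannot be found, or if a
            ``NAME`` value does not contain ", ".
    """
    def announce(message):
        # Mirror each progress message to the log and to stdout.
        logging.debug(message)
        print(message)

    announce("\nSyncing groups between AzureAD and Mobile Portal by adding new members to Portal using list from AzureAD\n")

    # NOTE(review): search() is called with its defaults. If the installed
    # arcgis version caps the number of returned users, accounts beyond the
    # cap will look absent below and a create will be attempted for them.
    allPortalUsers = gis.users.search()
    announce("ADMIN group:")
    # A set gives O(1) membership tests in the per-admin loop.
    usernames = {portalUser['username'] for portalUser in allPortalUsers}

    if len(adminsToADD) != 0:
        adminGroupTitles = ('Org - Mobile Admins', 'Org Tenant', 'Org - Mobile Viewers')
        # Resolve the groups once, before any privileged account is created,
        # so a missing group aborts the run without half-provisioned admins.
        adminGroups = [(title, _findPortalGroup(title)) for title in adminGroupTitles]

        for admin in adminsToADD:
            record = adminusersDict[admin]
            # NAME is split as "<last>, <first> ..."; a value without ", "
            # raises IndexError here.
            nameParts = record['NAME'].split(", ", 1)
            fname = nameParts[1].split(" ", 1)[0]
            lname = nameParts[0]
            # The e-mail address doubles as portal username and IdP username.
            # The UID is used as stored (no case folding).
            email = record['UID'] + "@Org.com"
            username = email

            # NOTE(review): the existence test is keyed on the dict key
            # `admin`, while the account is created from record['UID'].
            # If the two ever differ (including by letter case) an existing
            # account is treated as missing. Confirm they are always equal.
            if (admin + "@Org.com") not in usernames:
                announce("\t{} {} is not a member of Mobile Portal. Adding..".format(fname.capitalize(), lname.capitalize()))
                # Role note from the original author: createUser failed when
                # role names were given as-is (e.g. "org_admin"), so the
                # system-generated role name captured from the portal's form
                # data is used instead.
                # password=None with provider='enterprise': presumably
                # sign-in is delegated to the identity provider. Confirm that
                # no built-in credential is created for these admin accounts.
                gis.users.create(username=username,
                                 firstname=fname,
                                 lastname=lname,
                                 password=None,
                                 email=email,
                                 idp_username=username,
                                 description="IT-GIS Admins, who have the highest privileges",
                                 role='account_admin',
                                 provider='enterprise',
                                 level=2)
                # NOTE(review): the result of create() is not checked, so
                # "Added" is reported regardless of what the call returned.
                announce("\t\tAdded")
            else:
                announce("\tUser is already a member of portal")

            for groupTitle, group in adminGroups:
                # Only the 'users' entry of get_members() is consulted.
                # NOTE(review): if owners/managers are reported under other
                # keys, such accounts are re-added on every run. Confirm.
                if username not in group.get_members().get('users'):
                    announce("\tAdding {} {} - {} to {} built-in group".format(fname.capitalize(), lname.capitalize(), admin, groupTitle))
                    group.add_users(username)
                    announce("\t\tAdded")
                else:
                    logging.debug("\tUser is already a member of {0} built-in group".format(groupTitle))

        announce("\tADMIN group is now in Sync\n")
    else:
        announce("\tADMIN group is already in Sync\n\n")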