Office 365: Assign licenses based on groups using PowerShell – Advanced version

Important note: The end of an era with licensing scripts is near… and the beginning of a new one with Azure AD Group Based Licensing is here. Group Based Licensing is now in preview and currently requires a paid Azure AD Subscription. Try it out and give Microsoft your feedback on how they can make it even better! 

The never ending story about Office 365 licensing continues… This time it’s an extension of my script to assign licenses based on groups, with additional functionality to remove and change licenses for users.
I’ve come across scenarios where this has been a requirement a couple of times, and wanted to see how much work was required to get the job done. 🙂

If you just want to assign licenses for users based on groups, plain and simple, this is not the script for you…

Running the script
The script is tested in a tenant with two different license types (E1 and E3). Therefore, the functionality has been verified against that, so if you have three or four different licenses to assign in your tenant, you have to do your own testing! 🙂

The following functions are included in the script:

  • Assignment of licenses for new users based on groups/license SKUs in the $licenses hashtable
  • Switch of license type if a user is moved from one group to another
  • Removal of license if the user is no longer a member of any of the license assignment groups


IMPORTANT: Since the script will actually remove licenses from users that are not in any of the groups, you have to make sure that you populate the license assignment groups before running the script for the first time.

Apart from the above, the script requirements and setup details are the same as in this post.

LicenseO365Users.ps1

<#
.SYNOPSIS
    Script that assigns Office 365 licenses based on group membership in WAAD.
.DESCRIPTION
    The script assigns licenses to new users based on groups/licenseSKUs in the $licenses hashtable.
    It switches license type if a user is moved from one group to another.
    It removes the license if the user is no longer a member of any of the license assignment groups.
    Updated 2015-03-25 to support multiple SKUs for each user.
    The script REQUIRES PowerShell 3.0 or later!
.NOTES
    Author: Johan Dahlbom
    Blog: 365lab.net
    Email: johan[at]dahlbom.eu
    The script is provided "AS IS" with no guarantees, no warranties, and confers no rights.
#>
#Import Required PowerShell Modules
Import-Module MSOnline

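#Office 365 Admin Credentials
#Note: 'Password' is a placeholder. A real password placed here is stored in clear text and is readable by anyone with access to the script file.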
$CloudUsername = 'admin@365lab.net'
$CloudPassword = ConvertTo-SecureString 'Password' -AsPlainText -Force
$CloudCred = New-Object System.Management.Automation.PSCredential $CloudUsername, $CloudPassword

#Connect to Office 365
Connect-MsolService -Credential $CloudCred

$Licenses = @{
                 'E1' = @{
                          LicenseSKU = 'mstlabs:STANDARDPACK'
                          Group = 'E1_Users'
                        }                        

                 'E3' = @{
                          LicenseSKU = 'mstlabs:ENTERPRISEPACK'
                          Group = 'E3_Users'
                        }
            }

$UsageLocation = 'SE'

#Get all currently licensed users and put them in a custom object
$LicensedUserDetails = Get-MsolUser -All | Where-Object {$_.IsLicensed -eq 'True'} | ForEach-Object {
 [pscustomobject]@{
            UserPrincipalName = $_.UserPrincipalName
            License = $_.Licenses.AccountSkuId
            }
 }

#Create array for users to change or delete
$UsersToChangeOrDelete = @()

foreach ($license in $Licenses.Keys) {

  #Get current group name and ObjectID from Hashtable
  $GroupName = $Licenses[$license].Group
  $GroupID = (Get-MsolGroup -All | Where-Object {$_.DisplayName -eq $GroupName}).ObjectId
  $AccountSKU = Get-MsolAccountSku | Where-Object {$_.AccountSKUID -eq $Licenses[$license].LicenseSKU}

  Write-Output "Checking for unlicensed $license users in group $GroupName with ObjectGuid $GroupID..."
  #Get all members of the group in current scope
  $GroupMembers = (Get-MsolGroupMember -GroupObjectId $GroupID -All).EmailAddress
  #Get all already licensed users in current scope
  $ActiveUsers = ($LicensedUserDetails | Where-Object {$_.License -eq $licenses[$license].LicenseSKU}).UserPrincipalName
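  $UsersToHandle = ''
  #Reset per license so an empty group does not reuse the previous iteration's list of users to add
  $UsersToAdd = @()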

    if ($GroupMembers) {
        if ($ActiveUsers) {
            #Compare $GroupMembers and $ActiveUsers
            #Users which are in the group but not licensed will be added
            #Users which are licensed but not in the group will be evaluated for deletion or change of license
            $UsersToHandle = Compare-Object -ReferenceObject $GroupMembers -DifferenceObject $ActiveUsers -ErrorAction SilentlyContinue -WarningAction SilentlyContinue
            $UsersToAdd = ($UsersToHandle | Where-Object {$_.SideIndicator -eq '<='}).InputObject
            $UsersToChangeOrDelete += ($UsersToHandle | Where-Object {$_.SideIndicator -eq '=>'}).InputObject
        } else {
            #No licenses currently assigned for the license in scope, assign licenses to all group members.
            $UsersToAdd = $GroupMembers
        }

    } else {
      Write-Warning  "Group $GroupName is empty - will process removal or move of all users with license $($AccountSKU.AccountSkuId)"
      #If no users are a member in the group, add them for deletion or change of license.
      $UsersToChangeOrDelete += $ActiveUsers
    }

  #Check the amount of licenses left...
  if ($AccountSKU.ActiveUnits - $AccountSKU.consumedunits -lt $UsersToAdd.Count) {
        Write-Warning 'Not enough licenses for all users, please remove user licenses or buy more licenses'
  }

     foreach ($User in $UsersToAdd){

        #Process all users for license assignment, if not already licensed with the SKU in order.
          if ((Get-MsolUser -UserPrincipalName $User).Licenses.AccountSkuId -notcontains $AccountSku.AccountSkuId) {
            try {
                  #Assign UsageLocation and License.
                  Set-MsolUser -UserPrincipalName $User -UsageLocation $UsageLocation -ErrorAction Stop -WarningAction Stop
                  Set-MsolUserLicense -UserPrincipalName $User -AddLicenses $AccountSKU.AccountSkuId -ErrorAction Stop -WarningAction Stop
                  Write-Output "SUCCESS: Licensed $User with $license"
            } catch {
                  Write-Warning "Error when licensing $User"

            }

          }
     }
}

#Process users for change or deletion
if ($UsersToChangeOrDelete -ne $null) {
        foreach ($User in $UsersToChangeOrDelete) {
          if ($user -ne $null) {

            #Fetch users old license for later usage
            $OldLicense = ($LicensedUserDetails | Where-Object {$_.UserPrincipalName -eq $User}).License

             #Loop through to check if the user group assignment has been changed, and put the old and the new license in a custom object.
             #Only one license group per user is currently supported.
             $ChangeLicense = $Licenses.Keys | ForEach-Object {
                  $GroupName = $Licenses[$_].Group
                  if (Get-MsolGroupMember -All -GroupObjectId (Get-MsolGroup -All | Where-Object {$_.DisplayName -eq $GroupName}).ObjectId | Where-Object {$_.EmailAddress -eq $User}) {
                     [pscustomobject]@{
                        OldLicense = $OldLicense
                        NewLicense = $Licenses[$_].LicenseSKU
                     }
                  } 

              }

              if ($ChangeLicense) {
                    #The user was assigned to another group, switch license to the new one.
                    try {
                          Set-MsolUserLicense -UserPrincipalName $User -RemoveLicenses $ChangeLicense.OldLicense -AddLicenses $ChangeLicense.NewLicense -ErrorAction Stop -WarningAction Stop
                          Write-Output "SUCCESS: Changed license for user $User from $($ChangeLicense.OldLicense) to $($ChangeLicense.NewLicense)"
                    } catch {
                          Write-Warning "Error when changing license on $User`r`n$_"
                    }

              } else {  

                    #The user is no longer a member of any license group, remove license
                    Write-Warning "$User is not a member of any group, license will be removed... "
                    try {
                          Set-MsolUserLicense -UserPrincipalName $User -RemoveLicenses $OldLicense -ErrorAction Stop -WarningAction Stop
                          Write-Output "SUCCESS: Removed $OldLicense for $User"
                    } catch {
                          Write-Warning "Error when removing license on user`r`n$_"
                    }
              }
         }
    }
}

Hope this helps if you have this scenario. Please let me know if you have feature requests or other things that can improve the script!

/Johan
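The script's `else` branch handles a group whose member lookup returns nothing exactly like a genuinely empty group, and queues every holder of that SKU for removal or change. The following is an added example, not part of the original post or script: an offline planning function that computes the add/change/remove plan first, freezes removals for any SKU whose group came back unresolved or empty, and flags the run when too many users would lose a license. The function name `Get-LicensePlan`, the `$MaxRemovals` threshold and all sample users are assumptions constructed for illustration; it makes no MSOnline calls.

```powershell
# Added example: plan license changes offline before anything is written.
# Get-LicensePlan and $MaxRemovals are hypothetical; all users are constructed.
function Get-LicensePlan {
    param(
        [hashtable] $Licenses,         # same shape as the script's $Licenses
        [hashtable] $GroupMembers,     # group name -> UPN array; missing/$null = lookup failed
        [hashtable] $CurrentLicenses,  # UPN -> AccountSkuIds held today
        [int] $MaxRemovals = 2         # cap on users who may lose a license in one run
    )
    $desired = @{}   # UPN -> SKUs the groups say the user should hold
    $managed = @()   # every SKU the hashtable controls
    $frozen  = @()   # SKUs that must not be removed in this run

    foreach ($key in $Licenses.Keys) {
        $group   = $Licenses[$key].Group
        $skus    = @($Licenses[$key].LicenseSKU)
        $members = $GroupMembers[$group]
        $managed += $skus
        if ($null -eq $members -or @($members).Count -eq 0) {
            Write-Warning "Group '$group' unresolved or empty: not removing $($skus -join ', ')"
            $frozen += $skus
            continue
        }
        foreach ($upn in $members) {
            if (-not $desired.ContainsKey($upn)) { $desired[$upn] = @() }
            $desired[$upn] += $skus
        }
    }

    $users = @($desired.Keys) + @($CurrentLicenses.Keys) | Sort-Object -Unique
    $plan = @(foreach ($upn in $users) {
        $have = @(); if ($CurrentLicenses.ContainsKey($upn)) { $have = @($CurrentLicenses[$upn]) }
        $want = @(); if ($desired.ContainsKey($upn)) { $want = @($desired[$upn]) }
        $add = @($want | Where-Object { $have -notcontains $_ } | Select-Object -Unique)
        # Only remove SKUs this hashtable manages, that no group grants, and that are not frozen
        $remove = @($have | Where-Object {
            $managed -contains $_ -and $want -notcontains $_ -and $frozen -notcontains $_
        })
        if (-not $add -and -not $remove) { continue }
        $action = if ($add -and $remove) { 'Change' } elseif ($add) { 'Add' } else { 'Remove' }
        [pscustomobject]@{
            UserPrincipalName = $upn; Action = $action
            Add = $add -join ','; Remove = $remove -join ','
        }
    })

    $removals = @($plan | Where-Object { $_.Action -eq 'Remove' })
    [pscustomobject]@{
        Plan    = $plan
        Frozen  = @($frozen | Select-Object -Unique)
        Blocked = ($removals.Count -gt $MaxRemovals)
    }
}

# Constructed sample data, using the SKU and group names from the script above
$Licenses = @{
    'E1' = @{ LicenseSKU = 'mstlabs:STANDARDPACK';   Group = 'E1_Users' }
    'E3' = @{ LicenseSKU = 'mstlabs:ENTERPRISEPACK'; Group = 'E3_Users' }
}
$current = @{
    'anna@example.com' = @('mstlabs:ENTERPRISEPACK')   # moved from E3_Users to E1_Users
    'carl@example.com' = @('mstlabs:ENTERPRISEPACK')   # still in E3_Users
    'dana@example.com' = @('mstlabs:STANDARDPACK')     # left every license group
}

# Run 1: the E3 group lookup failed, so E3 holders are left alone.
$failed = @{ 'E1_Users' = @('anna@example.com', 'bo@example.com'); 'E3_Users' = $null }
$run1 = Get-LicensePlan -Licenses $Licenses -GroupMembers $failed -CurrentLicenses $current
$run1.Plan | Format-Table -AutoSize

# Run 2: both groups resolve; anna is switched and dana's removal is within the cap.
$resolved = @{ 'E1_Users' = @('anna@example.com', 'bo@example.com'); 'E3_Users' = @('carl@example.com') }
$run2 = Get-LicensePlan -Licenses $Licenses -GroupMembers $resolved -CurrentLicenses $current
$run2.Plan | Format-Table -AutoSize
if ($run2.Blocked) { Write-Warning 'Too many removals planned; review before applying.' }
```

In a real run the `$GroupMembers` and `$CurrentLicenses` hashtables would be filled from the same `Get-MsolGroupMember` and `Get-MsolUser` calls the script already makes, and `Set-MsolUserLicense` would only be called for a plan that is not blocked.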

76 thoughts on “Office 365: Assign licenses based on groups using PowerShell – Advanced version”

    1. Johan Dahlbom Post author

      Hi Joakim,

      I saw that. I’m working on Another version that will work with an unlimited amount of users.

      I’ll keep you posted!
      /Johan

  1. Pingback: PS Script: Assign license based on WAAD Security Group | Roy Apalnes's blogg

  2. Pingback: Office 365: Assign licenses based on groups using PowerShell | Tailspintoys – 365lab.net

  3. cdfoster6639

    Hi Johan,
    First off, thank you for putting this script together. It has been tremendously helpful with managing licenses for my user base. One thing that may be handy is the ability to target a specific ServicePlan to a user based upon their group membership. For example, I have a scenario where I want to grant certain users Lync Online licenses only but not all users. I also would like to be specific with SharePoint Online and Exchange Online licensing as well since not all of my users need all of the ServicePlans. A potential group naming scenario would be something like this: “Lync Online Only”, “SharePoint Online Only”, “Exchange Online Only”, “Lync Online and Exchange Online”, “All O365 Service Plans”. This would allow more granular control over ServicePlans within the SKU pack.

  4. James

    Awesome script, I have two questions. First could it be modified to take account of nested groups. We have a complex hierarchy of groups and quite often I would like to assign at the top level. Secondly is there a way of incorporating the selective licensing portion of this blog http://www.powershellmagazine.com/2012/04/23/provisioning-and-licensing-office-365-accounts-with-powershell/ into your script.
    Once again thanks for the script it is going to save me tons of time.

    1. Johan Dahlbom Post author

      Hi,
      It would definitely be possible to build in support for nested groups, but it would require rebuilding it to query your local AD groups instead, since the Get-MsolGroupMember cmdlet does not support that.
      I’ll publish a way of incorporating specific serviceparts of sku’s in to the script in a week or two.

      /Johan

  5. Josh Felts

    I second the recommendation for assigning Services as well. We have the same requirement. I’m trying to add this in myself, so I will post here if I happen to get this added before you.

  6. Pingback: PS Script: Assign license based on WAAD Security Group · It is cloudy - IT

  7. Kevin Hill

    Hi Johan,
    I’ve been using this script and its been incredibly useful, so thank you very much for providing it.

    Is there a way to have the script apply multiple licence sku’s to the same group. The reason for this is we are trying to assign the “Student Advantage” Licence as well as the Student E1 Licence to the “All Students” group?

      1. Johan Dahlbom Post author

        Hi Guys, Sorry for the late reply. I will post an update that will fix this tomorrow. It is row 92 that makes it impossible with multiple licenses.

        I’ll keep you posted.

  8. Michael Cheshire

    Problem is here
    #Process all users for license assignment, if not already licensed.
    if ((Get-MsolUser -UserPrincipalName $User).IsLicensed -eq $false) {
    try {
    This is checking to see if the user has ANY license, not the license specific to the loop.

  9. Michael Cheshire

    So does the script now work with multiple licences per user (this is standard in every EDU deployment I have done recently), and will it work with more than 500 users per group?

    1. Johan Dahlbom Post author

      Hi Michael,
      Thanks again for reading.
      More than 500 users per group has never been a problem except when there was a bug in the Azure Active Directory PowerShell module a year ago. And yes, it is now working with multiple SKU names which is default when you do an EDU deployment. (So you can create one group for Office 365 ProPlus and one E1/A1 for Students.) I do however prefer assigning the student licenses using one group, which has also been possible all the time by just adding the extra sku to one license assignment, just as below:
      $Licenses = @{
      'E1-Student' = @{
      LicenseSKU = 'mstlabs:STANDARDWOFFPACK_STUDENT','mstlabs:OFFICESUBSCRIPTION_STUDENT'
      Group = 'E1_Student_Users'
      }

      'E3' = @{
      LicenseSKU = 'mstlabs:ENTERPRISEPACK'
      Group = 'E3_Users'
      }
      }

      Let me know if you have any other questions.

      /Johan

  10. Michael Cheshire

    Hi Johan, I’m using the script above and get

    WARNING: Not enough licenses for all users, please remove user licenses or buy more licenses

    with only one user in the group to be licensed?

    Help?

    1. Niles

      I am getting the same error, but I am not sure what part of Michael Cheshire’s update actually worked. Please explain.

  11. Michael Cheshire

    and I am using this as per your advice above..

    $Licenses = @{

    ‘Faculty’ = @{
    LicenseSKU = ‘xx:OFFICESUBSCRIPTION_FACULT’,’xx:STANDARDWOFFPACK_FACULTY’
    Group = ‘365Lic_Faculty’
    }

    ‘Student’ = @{
    LicenseSKU = ‘xx:OFFICESUBSCRIPTION_STUDENT’,xx:STANDARDWOFFPACK_STUDENT’
    Group = ‘365Lic_Student’
    }
    }

  12. Michael Cheshire

    Sorry the cut/paste above there were typos – the section below DOES NOT work

    $Licenses = @{

    ‘Faculty’ = @{
    LicenseSKU = ‘xx:OFFICESUBSCRIPTION_FACULTY’,’xx:STANDARDWOFFPACK_FACULTY’
    Group = ‘365Lic_Faculty’
    }

    ‘Student’ = @{
    LicenseSKU = ‘xx:OFFICESUBSCRIPTION_STUDENT’,’xx:STANDARDWOFFPACK_STUDENT’
    Group = ‘365Lic_Student’
    }
    }

    However this did.

    ‘Faculty_E1’ = @{
    LicenseSKU = ‘xx:STANDARDWOFFPACK_FACULTY’
    Group = ‘365Lic_Faculty’
    }

    ‘Student_E1’ = @{
    LicenseSKU = ‘xx:STANDARDWOFFPACK_STUDENT’
    Group = ‘365Lic_Student’
    }

    ‘Faculty_ProPlus’ = @{
    LicenseSKU = ‘xx:OFFICESUBSCRIPTION_FACULTY’
    Group = ‘ProPlus-Lic_Faculty’
    }

    ‘Student_ProPlus’ = @{
    LicenseSKU = ‘xx:OFFICESUBSCRIPTION_STUDENT’
    Group = ‘ProPlus-Lic_Student’
    }

    M.

  13. flow in

    this is really not working for me. $GroupMembers always comes up empty.
    in the script:
    $GroupID = (Get-MsolGroup -All | Where-Object {$_.DisplayName -eq $GroupName}).ObjectId

    yields a weird variable I can’t examine. If I pre-cast it with
    [string]$GroupID = (Get-MsolGroup -All | Where-Object {$_.DisplayName -eq $GroupName}).ObjectId

    I get a variable that I can use

    $GroupMembers = (Get-MsolGroupMember -GroupObjectId $GroupID -All).EmailAddress

    is also null. Is there something simple that I’ve not configured in my PowerShell that makes these not work?

  14. Flow In

    $GroupMembers = (Get-MsolGroupMember -GroupObjectId $GroupID -All).EmailAddress

    $GroupMembers.GetType().Name
    You cannot call a method on a null-valued expression

  15. Flow In

    $GroupMembers = “”
    Get-MsolGroupMember -GroupObjectId $GroupID -All | Foreach-Object { $GroupMembers += ,$_.Emailaddress}

    works.

  16. Ryan Shevitski

    I keep getting this error when running the script. I have 3 users in the Office365Faculty group but it is saying there is none. It shows the 3 users in the group in office 365 so I don’t know why it would be failing.

    Checking for unlicensed E3 users in group Office365Faculty with ObjectGuid daa6
    602c-a365-4dda-af51-71d08dc7a17f…
    WARNING: Group Office365Faculty is empty – will process removal or move of all
    users with license sasd:STANDARDWOFFPACK_IW_FACULTY
    Get-MsolUser : Cannot bind argument to parameter ‘UserPrincipalName’ because it
    is null.
    At C:\Office365licenseassignments.ps1:93 char:47
    + if ((Get-MsolUser -UserPrincipalName <<<< $User).Licenses.AccountS
    kuId -notcontains $AccountSku.AccountSkuId) {
    + CategoryInfo : InvalidData: (:) [Get-MsolUser], ParameterBindin
    gValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,M
    icrosoft.Online.Administration.Automation.GetUser

    1. Johan Dahlbom Post author

      Hi,
      Thanks for reading! What PowerShell version / operating system do you have on the machine running the script? This is a common problem if you run the script in Powershell 2.0 (the script requires version 3.0)

      /Johan

      1. Ryan Shevitski

        I am running Server 2008 R2 and PowerShell version 1.0. I will upgrade to version 3.0 and try it out.

        Thanks

      2. Ryan Shevitski

        Everything is working now except one thing. I tried adding a EnabledPlans line under the license SKU line so that I could enable all the services except lync and exchange and it is still enabling all the plans anyways when I run the script. It is not reporting any errors about it though.

      3. Johan Dahlbom Post author

        Hi,

        As of now, support for the “EnabledPlans” concept is not incorporated in this version. It is quite more complex taking adding/removing licenses in consideration.
        I will try to write an example on how you can do coming days.

        /Johan

  17. base13it (@base13it)

    Hi Johan, would it be easy to have multiple groups for each licence type? I have a scenario with multiple source forests sync’d into one tenant and am looking at whether I could have if members of “Domain1 E3” or “Domain2 E3” or “Domain3 E3” then licence with E3.

    1. Pertti Ahlgren

      Hi Johan
      I have the same kind of situation, where multiple groups are used to give the same license due to
      delegated administration of OUs. Groups are like EMEA_Skype_P1, APAC_Skype_P1 etc. and EMEA_Skype_P2, APAC_Skype_P2. Is it possible to somehow include multiple groups here:

      ‘E3’ = @{
      LicenseSKU = ‘mstlabs:ENTERPRISEPACK’
      Group = ‘E3_Users’
      }

  18. michel

    Hello Johan,

    I’m unable to assign more than one sku to students. It is always the first group that gets licensed. Once a sku is applied there is no way to assign a second sku.

    I’m running the scripts on W2K12R2

    I have tried the following :

    Scenario1
    $Licenses = @{
    ‘Student_E1’ = @{
    LicenseSKU = ‘o365tenant:STANDARDWOFFPACK_STUDENT’
    Group = ‘365Lic_Student’
    }

    ‘Student_ProPlus’ = @{
    LicenseSKU = ‘o365tenant:OFFICESUBSCRIPTION_STUDENT’
    Group = ‘ProPlus-Lic_Student’
    }
    }

    Scenario2
    $Licenses = @{
    ‘E1-Student’ = @{
    LicenseSKU = ‘o365tenant:STANDARDWOFFPACK_STUDENT’,’o365tenant:OFFICESUBSCRIPTION_STUDENT’
    Group = ‘365Lic_Student’
    }
    }

    Scenario3
    Using 2 scripts, one for ‘Student_E1’ and a second for ‘Student_ProPlus’

    Any idea, suggestions?
    regards
    michel

  19. Brahim

    Hi Johan,

    Great script, thank you. I’m new to this and I’m looking to use your script but the part that scares me is it removes license when the user is not part of any group. If I remove this part from the script

    else {

    #The user is no longer a member of any license group, remove license
    Write-Warning “$User is not a member of any group, license will be removed… ”
    try {
    Set-MsolUserLicense -UserPrincipalName $User -RemoveLicenses $OldLicense -ErrorAction Stop -WarningAction Stop
    Write-Output “SUCCESS: Removed $OldLicense for $User”
    } catch {
    Write-Warning “Error when removing license on user`r`n$_”
    }

    Will the script still work without removing any license from users that don’t belong to any group.

    1. Johan Dahlbom Post author

      Hi Brahim,
      Thanks for reading. Have you been looking at the other scripts on the site with that functionality, that doesn’t remove any licenses?
      /Johan

  20. Pingback: An approach to enabling Office 365 features and functionality using group membership |

  21. Brahim

    Hi Johan,

    I did but I like this script as it solves limitations in the other ones like, Adding second license to an already licensed user . What I did is I took off the part starting from line 108 and seems to help accomplish what i was looking for. Thanks again.

  22. Michael Clementin

    Having great success using this script, thank you very much.

    However, I’m getting error with some accounts: WARNING: Error when licensing username@domain.com

    How do I troubleshoot this?

  23. Niklas Goude

    Hello Johan, your work is excellent! Another end user mentioned the EnabledPlans line under the license SKU line so that we could enable only some of the services like Lync and Exchange but not SharePoint Online.
    We are in need of that at work:)

    Can you please post an example how to accomplish that with this removal script.

    Keep up the good work!

    Regards Niklas

  24. Shaun Rockett

    Hi Guys,

    Hoping someone can help me figure this out. The script keeps tripping up on one of our AD groups, but not the other 2. It seems like it can’t determine the GUID of the group:

    SUCCESS: Licensed user1 with Visio
    SUCCESS: Licensed user2 with Visio
    Checking for unlicensed Office users in group APPS – IDC – Microsoft Office 365 with ObjectGuid …
    Get-MsolGroupMember : Cannot bind parameter ‘GroupObjectId’ to the target. Exception setting “GroupObjectId”: “Object
    reference not set to an instance of an object.”
    At C:\_Downloads\O365ByGroup.ps1:64 char:55
    + $GroupMembers = (Get-MsolGroupMember -GroupObjectId $GroupID -All).EmailAddres …
    + ~~~~~~~~
    + CategoryInfo : WriteError: (:) [Get-MsolGroupMember], ParameterBindingException
    + FullyQualifiedErrorId : ParameterBindingFailed,Microsoft.Online.Administration.Automation.GetGroupMember

    Checking for unlicensed Project users in group APPS – IDC – Microsoft Project 365 with ObjectGuid e420158b-1da9-4154-b8
    da-ca9d29f63c85…
    SUCCESS: Licensed User1 with Project
    SUCCESS: Licensed User2 with Project

    Here is the group section of the script:
    $Licenses = @{
    ‘Office’ = @{
    LicenseSKU = ‘canadianredcross:ENTERPRISEPACK’
    Group = ‘APPS – IDC – Microsoft Office 365’
    }
    ‘Visio’ = @{
    LicenseSKU = ‘canadianredcross:VISIO_CLIENT_SUBSCRIPTION’
    Group = ‘APPS – IDC – Microsoft Visio 365’
    }
    ‘Project’ = @{
    LicenseSKU = ‘canadianredcross:PROJECT_CLIENT_SUBSCRIPTION’
    Group = ‘APPS – IDC – Microsoft Project 365’
    }
    }

    1. Johan Dahlbom Post author

      Hi,
      First – thanks for reading! 🙂

      Have you tried to search for the group in the tenant with ‘Get-MsolGroup -SearchString xxxx’? In the cases I’ve seen this before, it has been related to spaces in the group names.
      Another approach that I am using at some customers is simply taking out the groupobjectid and use that instead of the group name in the script.
      Let me know if you need further assistance!

      /Johan

      1. Shaun Rockett

        Hi Johan,
        Thanks for the reply. I actually tried a couple of different groups and it seems like the 1st of the 3 groups is always the issue (irrelevant of what is in there), which is a little odd.

        The group can be resolved:

        PS C:\_Downloads> Get-MsolGroup -SearchString ‘APPS – IDC – Microsoft Office 365’

        ObjectId DisplayName GroupType
        ——– ———– ———
        52c9d4dc-89f6-4a69-9636-6fcd8d09b46e APPS – IDC – Microsoft … Security

        How would I modify the script not to use the ObjectId?

        Shaun

      2. Johan Dahlbom Post author

        Hi,

        Did you solve this. What I mean is that you should only use the objectid instead of the group name. I can give u an example if you haven’t solved the problem yet.

        /J

  25. Shaun Rockett

    Would love to see an example. I’ve done a good butcher job on the script and it’s failing big time now.

      1. Shaun Rockett

        Honestly not sure what happened, but the script was able to resolve the ObjectId after the weekend. I am fine with that =D

  26. Carlos Jenkins

    Hi Johan.
    Great info you have here.. Is there a way to mix this one with the other post: Assign individual parts of licenses based on groups using PowerShell
    https://365lab.net/2014/12/17/office-365-assign-in

    The sections of “•Switch of license type if a user is moved from one group to another
    •Removal of license if the user no longer is a member in any of the license assignment groups” are the ones I want to get from this one..

    Right now I’m receiving the error:
    “WARNING: Error when removing license on user
    Unable to assign this license because it is invalid. Use the Get-MsolAccountSku cmdlet to retrieve a list of valid licenses.” when I run this script and the user has a license already.

    You fix that in the other one (that works beautifully)

  27. MatousRokos

    Hello Johan,
    you are using parameter -isLicensed for detecting unlicensed users. Correct me if I am wrong but if I will be using different plans for assignment like PowerBI and E3, user can be in both groups and if user is in PowerBI group and suppose to get E3 as well -isLicensed could detect just BI license and leave him alone as correctly licensed based on that parameter, correct?

  28. Pingback: License your Office 365/Azure AD users with Azure Automation | Tailspintoys – 365lab.net

  29. HungryMind

    Hi,
    Thanks for your script. It is really helpful. Have you incorporated the support of nested groups with this script?

  30. derek

    How about a tenant with users from multiple locales? Users with like locales are all in separate AD groups, but I cannot run a scripts for each, else it removes the previously assigned licenses.

    is there an easy way to add multiple locales per AD group to the script?

  31. GrayHat64

    Does this script check to see if the user has been disabled before assigning the license. I can see a scenario where the license user groups have a mix of enabled and disabled user accounts.

  32. Amy

    What if you have 2 different groups with the same license? How would you script that?
    $Licenses = @{
    ‘Group1’= @{
    LicenseSKU = ‘contoso:ENTERPRISEPACK’
    Group = ‘Group1 Users’
    }
    ‘Group2’= @{
    LicenseSKU = ‘contoso:ENTERPRISEPACK’
    Group = ‘Group2 Users’
    }
    }

    Also, what if you need to remove -LicenseOptions?
    -AccountSkuId contoso:ENTERPRISEPACK `
    -DisabledPlans RMS_S_ENTERPRISE,MCOSTANDARD,EXCHANGE_S_ENTERPRISE

    What if you don’t want to “change” a license but only remove it if the user isn’t a member of either group?

    Keep getting error on the portion of the script that “changes” the license because this particular license is already assigned. How do you incorporate the New-MsolLicenseOptions when “changing” groups?

      1. Niles

        I have tried everything from this post and it is simply not working.

        PS C:\scripts> .\LicenseO365UsersV2.ps1
        Checking for unlicensed E3 users in group Office 365 Users
        WARNING: Not enough licenses for all users, please remove user licenses or buy more licenses
        SUCCESS: licensed Test.User@domain.com with E3
        PS C:\scripts>

        Even though it says SUCCESS, the user is never licensed. This is what I am using which is taken from this post.

        ‘E3’ = @{
        LicenseSKU = ‘domain:RMS_S_ENTERPRISE’,’domain:EXCHANGE_S_STANDARD’,’domain:MCOSTANDARD’,’domain:OFFICESUBSCRIPTION’,’domain:SHAREPOINTENTERPRISE’,’domain:SHAREPOINTWAC’
        Group = ‘Office 365 Users’
        }

        Please advise

      2. cesoffice365

        I have tried everything from this post and it is simply not working.

        PS C:\scripts> .\LicenseO365UsersV2.ps1
        Checking for unlicensed E3 users in group Office 365 Users
        WARNING: Not enough licenses for all users, please remove user licenses or buy more licenses
        SUCCESS: licensed Test.User@domain.com with E3
        PS C:\scripts>

        Even though it says SUCCESS, the user is never licensed. This is what I am using which is taken from this post.

        ‘E3’ = @{
        LicenseSKU = ‘domain:RMS_S_ENTERPRISE’,’domain:EXCHANGE_S_STANDARD’,’domain:MCOSTANDARD’,’domain:OFFICESUBSCRIPTION’,’domain:SHAREPOINTENTERPRISE’,’domain:SHAREPOINTWAC’
        Group = ‘Office 365 Users’
        }

        Please advise

  33. Pingback: An approach to enabling Office 365 features and functionality using group membership – UcPro
