Created
October 2, 2018 20:36
-
-
Save jkbryan/362bee37f13aeb901056b8ef28b31c7f to your computer and use it in GitHub Desktop.
O365_Licence_Management.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ErrorActionPreference = "Stop" | |
| $Error.Clear() | |
| ##################################################### | |
| # Function to generate mail content for licencing errors | |
| Function MailBody | |
| { | |
| $Exception=$error[0].Exception.Message | |
| $Command=$error[0].InvocationInfo.Line.Trim() | |
| $StrBody="Error: $Exception `r`rUser: $UserPrincipalName `r`rCommand: $Command `r`r##########################################################################################`r`r" | |
| $Error.Clear() | |
| Return $strBody | |
| } | |
| ##################################################### | |
| $sig = @" | |
| [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] | |
| public struct NativeCredential | |
| { | |
| public UInt32 Flags; | |
| public CRED_TYPE Type; | |
| public IntPtr TargetName; | |
| public IntPtr Comment; | |
| public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten; | |
| public UInt32 CredentialBlobSize; | |
| public IntPtr CredentialBlob; | |
| public UInt32 Persist; | |
| public UInt32 AttributeCount; | |
| public IntPtr Attributes; | |
| public IntPtr TargetAlias; | |
| public IntPtr UserName; | |
| internal static NativeCredential GetNativeCredential(Credential cred) | |
| { | |
| NativeCredential ncred = new NativeCredential(); | |
| ncred.AttributeCount = 0; | |
| ncred.Attributes = IntPtr.Zero; | |
| ncred.Comment = IntPtr.Zero; | |
| ncred.TargetAlias = IntPtr.Zero; | |
| ncred.Type = CRED_TYPE.GENERIC; | |
| ncred.Persist = (UInt32)1; | |
| ncred.CredentialBlobSize = (UInt32)cred.CredentialBlobSize; | |
| ncred.TargetName = Marshal.StringToCoTaskMemUni(cred.TargetName); | |
| ncred.CredentialBlob = Marshal.StringToCoTaskMemUni(cred.CredentialBlob); | |
| ncred.UserName = Marshal.StringToCoTaskMemUni(System.Environment.UserName); | |
| return ncred; | |
| } | |
| } | |
| [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] | |
| public struct Credential | |
| { | |
| public UInt32 Flags; | |
| public CRED_TYPE Type; | |
| public string TargetName; | |
| public string Comment; | |
| public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten; | |
| public UInt32 CredentialBlobSize; | |
| public string CredentialBlob; | |
| public UInt32 Persist; | |
| public UInt32 AttributeCount; | |
| public IntPtr Attributes; | |
| public string TargetAlias; | |
| public string UserName; | |
| } | |
| public enum CRED_TYPE : uint | |
| { | |
| GENERIC = 1, | |
| DOMAIN_PASSWORD = 2, | |
| DOMAIN_CERTIFICATE = 3, | |
| DOMAIN_VISIBLE_PASSWORD = 4, | |
| GENERIC_CERTIFICATE = 5, | |
| DOMAIN_EXTENDED = 6, | |
| MAXIMUM = 7, // Maximum supported cred type | |
| MAXIMUM_EX = (MAXIMUM + 1000), // Allow new applications to run on old OSes | |
| } | |
| public class CriticalCredentialHandle : Microsoft.Win32.SafeHandles.CriticalHandleZeroOrMinusOneIsInvalid | |
| { | |
| public CriticalCredentialHandle(IntPtr preexistingHandle) | |
| { | |
| SetHandle(preexistingHandle); | |
| } | |
| public Credential GetCredential() | |
| { | |
| if (!IsInvalid) | |
| { | |
| NativeCredential ncred = (NativeCredential)Marshal.PtrToStructure(handle, | |
| typeof(NativeCredential)); | |
| Credential cred = new Credential(); | |
| cred.CredentialBlobSize = ncred.CredentialBlobSize; | |
| cred.CredentialBlob = Marshal.PtrToStringUni(ncred.CredentialBlob, | |
| (int)ncred.CredentialBlobSize / 2); | |
| cred.UserName = Marshal.PtrToStringUni(ncred.UserName); | |
| cred.TargetName = Marshal.PtrToStringUni(ncred.TargetName`); | |
| cred.TargetAlias = Marshal.PtrToStringUni(ncred.TargetAlias); | |
| cred.Type = ncred.Type; | |
| cred.Flags = ncred.Flags; | |
| cred.Persist = ncred.Persist; | |
| return cred; | |
| } | |
| else | |
| { | |
| throw new InvalidOperationException("Invalid CriticalHandle!"); | |
| } | |
| } | |
| override protected bool ReleaseHandle() | |
| { | |
| if (!IsInvalid) | |
| { | |
| CredFree(handle); | |
| SetHandleAsInvalid(); | |
| return true; | |
| } | |
| return false; | |
| } | |
| } | |
| [DllImport("Advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)] | |
| public static extern bool CredRead(string target, CRED_TYPE type, int reservedFlag, out IntPtr CredentialPtr); | |
| [DllImport("Advapi32.dll", EntryPoint = "CredFree", SetLastError = true)] | |
| public static extern bool CredFree([In] IntPtr cred); | |
| "@ | |
| Add-Type -MemberDefinition $sig -Namespace "ADVAPI32" -Name 'Util' | |
| $targetName = "LicenceManagment" | |
| $nCredPtr= New-Object IntPtr | |
| $success = [ADVAPI32.Util]::CredRead($targetName,1,0,[ref] $nCredPtr) | |
| if($success){ | |
| $critCred = New-Object ADVAPI32.Util+CriticalCredentialHandle $nCredPtr | |
| $cred = $critCred.GetCredential() | |
| $UserName = $cred.UserName; | |
| $Password = $cred.CredentialBlob; | |
| $Password = ConvertTo-SecureString -String $Password -AsPlainText -Force | |
| $objCreds = New-Object Management.Automation.PSCredential $UserName, $Password | |
| } | |
| ############ Import modules and login to MSOL ############ | |
| If(@(Get-Module | ? { $_.Name -eq "MSOnline"}).Count -eq 0) | |
| { | |
| Import-Module MSOnline; | |
| } | |
| If(@(Get-Module | ? { $_.Name -eq "ActiveDirectory"}).Count -eq 0) | |
| { | |
| Import-Module ActiveDirectory; | |
| } | |
| Try | |
| { | |
| Connect-MsolService -Credential $objCreds | |
| } | |
| Catch [System.Exception] | |
| { | |
| Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - License management Login Failed!" -Body $_.Exception.Message -SmtpServer smtp.blah.com | |
| Write-Host $_.Exception.Message | |
| Exit | |
| } | |
| ############ Setup Variables ############ | |
| $dateFormat = "HH:mm:ss dd/MM/yyyy" | |
| ############ Setup logging file ############ | |
| $Logfile="C:\Office365-Scripts\Licencing\LicenceManagement.txt" | |
| ############ AD Groups containing whose users who should have individual Licenses ############ | |
| $MEMBERS_CRMSTANDARD=Get-ADGroupMember -Identity CRMSTANDARD_Users | |
| $MEMBERS_INTUNE_A=Get-ADGroupMember -Identity INTUNE_A_Users | |
| $MEMBERS_OFFICESUBSCRIPTION_FACULTY=Get-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users | |
| $MEMBERS_OFFICESUBSCRIPTION_STUDENT=Get-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users | |
| $MEMBERS_POWER_BI_STANDARD=Get-ADGroupMember -Identity POWER_BI_STANDARD_Users | |
| $MEMBERS_PROJECTONLINE_PLAN_1_FACULTY=Get-ADGroupMember -Identity PROJECTONLINE_PLAN_1_FACULTY_Users | |
| $MEMBERS_PROJECTONLINE_PLAN_1_STUDENT=Get-ADGroupMember -Identity PROJECTONLINE_PLAN_1_STUDENT_Users | |
| ######################## Standard Licencing ###################### | |
| $POWER_BI_STANDARD = "<YourTenancyName>:POWER_BI_STANDARD" | |
| $CRMSTANDARD = "<YourTenancyName>:CRMSTANDARD" | |
| $INTUNE_A = "<YourTenancyName>:INTUNE_A" | |
| ######################## Faculty Licensing ####################### | |
| $STANDARDWOFFPACK_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_FACULTY" | |
| $OFFICESUBSCRIPTION_FACULTY = "<YourTenancyName>:OFFICESUBSCRIPTION_FACULTY" | |
| $STANDARDWOFFPACK_IW_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_IW_FACULTY" | |
| $PROJECTONLINE_PLAN_1_FACULTY ="<YourTenancyName>:PROJECTONLINE_PLAN_1_FACULTY" | |
| ######################## Student Licensing ####################### | |
| $STANDARDWOFFPACK_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_STUDENT" | |
| $STANDARDWOFFPACK_IW_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_IW_STUDENT" | |
| $PROJECTONLINE_PLAN_1_STUDENT = "<YourTenancyName>:PROJECTONLINE_PLAN_1_STUDENT" | |
| $OFFICESUBSCRIPTION_STUDENT = "<YourTenancyName>:OFFICESUBSCRIPTION_STUDENT" | |
| ######################## Generic settings ######################## | |
| $DisabledPlans = "EXCHANGE_S_STANDARD" | |
| $UsageLocation = "GB" | |
| ############ Define the two types of Licence option - Faculty and Student ############ | |
| $FacultyLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_FACULTY -DisabledPlans $DisabledPlans | |
| $StudentLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_STUDENT -DisabledPlans $DisabledPlans | |
| # | |
| ############ Get users and apply Licenses ############ | |
| # | |
| ############ Do the licenced users first ############ | |
| ForEach($User in (Get-MsolUser -all | where {$_.isLicensed -eq "True"})) | |
| #ForEach($User in (Get-MsolUser -all | where {$_.UserPrincipalName -eq "someotheradmin@blah.com"})) | |
| { | |
| If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com") | |
| { | |
| $AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5, sAMAccountName | |
| Try | |
| { | |
| $date = Get-Date -Format $dateFormat | |
| $LoggingContent=$null | |
| $Licenses=$null | |
| $SKUIDs=$null | |
| $STANDARDWOFFPACK_STUDENT_Applied=$null | |
| $STANDARDWOFFPACK_FACULTY_Applied=$null | |
| $PROJECTONLINE_PLAN_1_FACULTY_Applied=$null | |
| $POWER_BI_STANDARD_Applied=$null | |
| $CRMSTANDARD_Applied=$null | |
| $INTUNE_A_Applied=$null | |
| $OFFICESUBSCRIPTION_FACULTY_Applied=$null | |
| $LicensesAdded=@() | |
| $LicensesRemoved=@() | |
| $Licenses=$User.Licenses | |
| $SKUIDs=$Licenses.AccountSkuId | |
| ForEach ($SKU in $SKUIDs) | |
| { | |
| If ($SKU -eq $STANDARDWOFFPACK_IW_FACULTY) | |
| { | |
| Try | |
| { | |
| ##### These should not be used, so remove if found ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_FACULTY | |
| $LicensesRemoved += "STANDARDWOFFPACK_IW_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| ##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus ##### | |
| If ($AdUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| Else | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $STANDARDWOFFPACK_IW_STUDENT) | |
| { | |
| Try | |
| { | |
| ##### These should not be used, so remove if found ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_STUDENT | |
| $LicensesRemoved += "STANDARDWOFFPACK_IW_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| ##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus ##### | |
| If ($AdUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| Else | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| ##### Standard O365 Licenses ##### | |
| If ($SKU -eq $STANDARDWOFFPACK_STUDENT) | |
| { | |
| $STANDARDWOFFPACK_STUDENT_Applied="True" | |
| If ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Student licence from Staff member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_STUDENT | |
| $LicensesRemoved += "STANDARDWOFFPACK_STUDENT" | |
| ##### Remove user from the AD group ##### | |
| Remove-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName -Confirm:$False | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Staff licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $STANDARDWOFFPACK_FACULTY) | |
| { | |
| $STANDARDWOFFPACK_FACULTY_Applied="True" | |
| If ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Staff licence from Student member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_FACULTY | |
| $LicensesRemoved += "STANDARDWOFFPACK_FACULTY" | |
| ##### Remove user from the AD group ##### | |
| Remove-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName -Confirm:$False | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Student licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| ##### Individual Subscriptions ##### | |
| If ($SKU -eq $PROJECTONLINE_PLAN_1_FACULTY) | |
| { | |
| $PROJECTONLINE_PLAN_1_FACULTY_Applied="True" | |
| If ($MEMBERS_PROJECTONLINE_PLAN_1_FACULTY.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Staff licence from Student member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY" | |
| ##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| Remove-ADGroupMember -Identity PROJECTONLINE_PLAN_1_FACULTY_Users -Members $AdUser.sAMAccountName -Confirm:$False | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Student licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" | |
| ##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity PROJECTONLINE_PLAN_1_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $PROJECTONLINE_PLAN_1_STUDENT) | |
| { | |
| $PROJECTONLINE_PLAN_1_STUDENT_Applied="True" | |
| If ($MEMBERS_PROJECTONLINE_PLAN_1_STUDENT.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Student licence from Staff member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT" | |
| ##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| Remove-ADGroupMember -Identity PROJECTONLINE_PLAN_1_STUDENT_Users -Members $AdUser.sAMAccountName -Confirm:$False | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Staff licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" | |
| ##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity PROJECTONLINE_PLAN_1_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $OFFICESUBSCRIPTION_FACULTY) | |
| { | |
| $OFFICESUBSCRIPTION_FACULTY_Applied="True" | |
| If ($MEMBERS_OFFICESUBSCRIPTION_FACULTY.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Staff licence from Student member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| Remove-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName -Confirm:$False | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Student licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $OFFICESUBSCRIPTION_STUDENT) | |
| { | |
| $OFFICESUBSCRIPTION_STUDENT_Applied="True" | |
| If ($MEMBERS_OFFICESUBSCRIPTION_STUDENT.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Student licence from Staff member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| Remove-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName -Confirm:$False | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Staff licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### | |
| Add-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $POWER_BI_STANDARD) | |
| { | |
| $POWER_BI_STANDARD_Applied="True" | |
| If ($MEMBERS_POWER_BI_STANDARD.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $POWER_BI_STANDARD | |
| $LicensesRemoved += "POWER_BI_STANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $CRMSTANDARD) | |
| { | |
| $CRMSTANDARD_Applied="True" | |
| If ($MEMBERS_CRMSTANDARD.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $CRMSTANDARD | |
| $LicensesRemoved += "CRMSTANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $INTUNE_A) | |
| { | |
| $INTUNE_A_Applied="True" | |
| If ($MEMBERS_INTUNE_A.SamAccountName -NotContains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| #If the user is not in the group, then simply revoke the licence | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $INTUNE_A | |
| $LicensesRemoved += "INTUNE_A" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| #Mop up any other errors | |
| Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer smtp.blah.com | |
| Write-Host $_.Exception.Message | |
| } | |
| Try | |
| { | |
| ##### Apply individual licences if they are not applied already ##### | |
| If ($MEMBERS_PROJECTONLINE_PLAN_1_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName -and $PROJECTONLINE_PLAN_1_FACULTY_Applied -ne "True") | |
| { | |
| #Setup the bits that we don't want, because they are already present in the Project license and will cause an error otherwise... | |
| $DisabledPlans=@() | |
| $DisabledPlans+="EXCHANGE_S_STANDARD" | |
| $DisabledPlans+="SHAREPOINTSTANDARD_EDU" | |
| $DisabledPlans+="SHAREPOINTWAC_EDU" | |
| # Define the Licence options | |
| $FacultyLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_FACULTY -DisabledPlans $DisabledPlans | |
| # | |
| #First we need to remove the standard licence..... in order to remove SHAREPOINTSTANDARD_EDU and SHAREPOINTWAC_EDU, we'll add the bits that we want back in a mo' | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_FACULTY | |
| Start-Sleep -s 30 | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| #Now set the new licence in place | |
| $CheckUser=Get-MSOLUser -UserPrincipalName $User.UserPrincipalName | |
| $CheckLicenses=$CheckUser.Licenses | |
| $CheckSKUIDs=$CheckLicenses.AccountSkuId | |
| If ($CheckSKUIDs -NotContains $STANDARDWOFFPACK_FACULTY) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| # Then try putting the full Project licence in place | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($MEMBERS_PROJECTONLINE_PLAN_1_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName -and $PROJECTONLINE_PLAN_1_STUDENT_Applied -ne "True") | |
| { | |
| #Setup the bits that we don't want, because they are already present in the Project license and will cause an error otherwise... | |
| $DisabledPlans=@() | |
| $DisabledPlans+="EXCHANGE_S_STANDARD" | |
| $DisabledPlans+="SHAREPOINTSTANDARD_EDU" | |
| $DisabledPlans+="SHAREPOINTWAC_EDU" | |
| # Define the Licence options | |
| $StudentLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_STUDENT -DisabledPlans $DisabledPlans | |
| # | |
| #First we need to remove the standard licence..... in order to remove SHAREPOINTSTANDARD_EDU and SHAREPOINTWAC_EDU, we'll add the bits that we want back in a mo' | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_STUDENT | |
| Start-Sleep -s 30 | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| #Now set the new licence in place | |
| $CheckUser=Get-MSOLUser -UserPrincipalName $User.UserPrincipalName | |
| $CheckLicenses=$CheckUser.Licenses | |
| $CheckSKUIDs=$CheckLicenses.AccountSkuId | |
| If ($CheckSKUIDs -NotContains $STANDARDWOFFPACK_STUDENT) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| # Then try putting the full Project licence in place | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($MEMBERS_POWER_BI_STANDARD.SamAccountName -Contains $AdUser.sAMAccountName -and $POWER_BI_STANDARD_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD | |
| $LicensesAdded += "POWER_BI_STANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_CRMSTANDARD.SamAccountName -Contains $AdUser.sAMAccountName -and $CRMSTANDARD_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD | |
| $LicensesAdded += "CRMSTANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_INTUNE_A.SamAccountName -Contains $AdUser.sAMAccountName -and $INTUNE_A_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A | |
| $LicensesAdded += "INTUNE_A" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_OFFICESUBSCRIPTION_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName -and $OFFICESUBSCRIPTION_FACULTY_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_OFFICESUBSCRIPTION_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName -and $OFFICESUBSCRIPTION_STUDENT_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| #Mop up any other errors | |
| Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer smtp.blah.com | |
| Write-Host $_.Exception.Message | |
| } | |
| #Reporting bits: | |
| If ($LicensesAdded.Count -eq 0 -and $LicensesRemoved.Count -gt 0) | |
| { | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",LicensesRemoved," + ($LicensesRemoved -join ',') | |
| } | |
| If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -eq 0) | |
| { | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') | |
| } | |
| If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -gt 0) | |
| { | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') + ",LicensesRemoved," + ($LicensesRemoved -join ',') | |
| } | |
| # Write out the log | |
| Add-Content $Logfile $LoggingContent | |
| # If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to admins... | |
| If ($strMailBody -ne $null) | |
| { | |
| Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer smtp.blah.com | |
| Write-Host $strMailBody | |
| } | |
| } | |
| } | |
| ############ Now mop up the unlicenced users ############ | |
| ForEach($User in (Get-MsolUser -all | where{$_.isLicensed -ne "True"})) | |
| { | |
| If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com") | |
| { | |
| $date = Get-Date -Format $dateFormat | |
| $LoggingContent=$null | |
| $LicensesAdded=@() | |
| $AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5, sAMAccountName | |
| Try | |
| { | |
| If ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| # Set usage location | |
| Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody="Error setting UsageLocation for $User.UserPrincipalName" | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| # Set standard O365 licence without Exchange | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| # Set usage location | |
| Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody="Error setting UsageLocation for $User.UserPrincipalName" | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| # Set standard O365 licence without Exchange | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| ##### Add user to the AD group - just for reference.... ##### | |
| Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ##### Individual Subscriptions for unlicenced users - unlikely to ever hit here... ##### | |
| If ($MEMBERS_PROJECTONLINE_PLAN_1_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_PROJECTONLINE_PLAN_1_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_POWER_BI_STANDARD.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD | |
| $LicensesAdded += "POWER_BI_STANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_CRMSTANDARD.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD | |
| $LicensesAdded += "CRMSTANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_INTUNE_A.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A | |
| $LicensesAdded += "INTUNE_A" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_OFFICESUBSCRIPTION_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($MEMBERS_OFFICESUBSCRIPTION_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer smtp.blah.com | |
| Write-Host $_.Exception.Message | |
| } | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') | |
| # Write out the log | |
| Add-Content $Logfile $LoggingContent | |
| # If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to admins... | |
| If ($strMailBody -ne $null) | |
| { | |
| Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer smtp.blah.com | |
| Write-Host $strMailBody | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment