Created
October 2, 2018 21:00
-
-
Save jkbryan/cb8c87280a86b4043c50ff24c9ffc69e to your computer and use it in GitHub Desktop.
o365-licence-management.ps1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ErrorActionPreference = "Stop" | |
| $Error.Clear() | |
| ##################################################### | |
| # Function to generate mail content for licencing errors | |
| Function MailBody | |
| { | |
| $Exception=$error[0].Exception.Message | |
| $Command=$error[0].InvocationInfo.Line | |
| $StrBody="$Exception `r`r$Command `r`r##########################################################################################`r`r" | |
| $Error.Clear() | |
| Return $strBody | |
| } | |
| ##################################################### | |
| $sig = @" | |
| [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] | |
| public struct NativeCredential | |
| { | |
| public UInt32 Flags; | |
| public CRED_TYPE Type; | |
| public IntPtr TargetName; | |
| public IntPtr Comment; | |
| public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten; | |
| public UInt32 CredentialBlobSize; | |
| public IntPtr CredentialBlob; | |
| public UInt32 Persist; | |
| public UInt32 AttributeCount; | |
| public IntPtr Attributes; | |
| public IntPtr TargetAlias; | |
| public IntPtr UserName; | |
| internal static NativeCredential GetNativeCredential(Credential cred) | |
| { | |
| NativeCredential ncred = new NativeCredential(); | |
| ncred.AttributeCount = 0; | |
| ncred.Attributes = IntPtr.Zero; | |
| ncred.Comment = IntPtr.Zero; | |
| ncred.TargetAlias = IntPtr.Zero; | |
| ncred.Type = CRED_TYPE.GENERIC; | |
| ncred.Persist = (UInt32)1; | |
| ncred.CredentialBlobSize = (UInt32)cred.CredentialBlobSize; | |
| ncred.TargetName = Marshal.StringToCoTaskMemUni(cred.TargetName); | |
| ncred.CredentialBlob = Marshal.StringToCoTaskMemUni(cred.CredentialBlob); | |
| ncred.UserName = Marshal.StringToCoTaskMemUni(System.Environment.UserName); | |
| return ncred; | |
| } | |
| } | |
| [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] | |
| public struct Credential | |
| { | |
| public UInt32 Flags; | |
| public CRED_TYPE Type; | |
| public string TargetName; | |
| public string Comment; | |
| public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten; | |
| public UInt32 CredentialBlobSize; | |
| public string CredentialBlob; | |
| public UInt32 Persist; | |
| public UInt32 AttributeCount; | |
| public IntPtr Attributes; | |
| public string TargetAlias; | |
| public string UserName; | |
| } | |
| public enum CRED_TYPE : uint | |
| { | |
| GENERIC = 1, | |
| DOMAIN_PASSWORD = 2, | |
| DOMAIN_CERTIFICATE = 3, | |
| DOMAIN_VISIBLE_PASSWORD = 4, | |
| GENERIC_CERTIFICATE = 5, | |
| DOMAIN_EXTENDED = 6, | |
| MAXIMUM = 7, // Maximum supported cred type | |
| MAXIMUM_EX = (MAXIMUM + 1000), // Allow new applications to run on old OSes | |
| } | |
| public class CriticalCredentialHandle : Microsoft.Win32.SafeHandles.CriticalHandleZeroOrMinusOneIsInvalid | |
| { | |
| public CriticalCredentialHandle(IntPtr preexistingHandle) | |
| { | |
| SetHandle(preexistingHandle); | |
| } | |
| public Credential GetCredential() | |
| { | |
| if (!IsInvalid) | |
| { | |
| NativeCredential ncred = (NativeCredential)Marshal.PtrToStructure(handle, | |
| typeof(NativeCredential)); | |
| Credential cred = new Credential(); | |
| cred.CredentialBlobSize = ncred.CredentialBlobSize; | |
| cred.CredentialBlob = Marshal.PtrToStringUni(ncred.CredentialBlob, | |
| (int)ncred.CredentialBlobSize / 2); | |
| cred.UserName = Marshal.PtrToStringUni(ncred.UserName); | |
| cred.TargetName = Marshal.PtrToStringUni(ncred.TargetName`); | |
| cred.TargetAlias = Marshal.PtrToStringUni(ncred.TargetAlias); | |
| cred.Type = ncred.Type; | |
| cred.Flags = ncred.Flags; | |
| cred.Persist = ncred.Persist; | |
| return cred; | |
| } | |
| else | |
| { | |
| throw new InvalidOperationException("Invalid CriticalHandle!"); | |
| } | |
| } | |
| override protected bool ReleaseHandle() | |
| { | |
| if (!IsInvalid) | |
| { | |
| CredFree(handle); | |
| SetHandleAsInvalid(); | |
| return true; | |
| } | |
| return false; | |
| } | |
| } | |
| [DllImport("Advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)] | |
| public static extern bool CredRead(string target, CRED_TYPE type, int reservedFlag, out IntPtr CredentialPtr); | |
| [DllImport("Advapi32.dll", EntryPoint = "CredFree", SetLastError = true)] | |
| public static extern bool CredFree([In] IntPtr cred); | |
| "@ | |
| Add-Type -MemberDefinition $sig -Namespace "ADVAPI32" -Name 'Util' | |
| $targetName = "LicenceManagment" | |
| $nCredPtr= New-Object IntPtr | |
| $success = [ADVAPI32.Util]::CredRead($targetName,1,0,[ref] $nCredPtr) | |
| if($success){ | |
| $critCred = New-Object ADVAPI32.Util+CriticalCredentialHandle $nCredPtr | |
| $cred = $critCred.GetCredential() | |
| $UserName = $cred.UserName; | |
| $Password = $cred.CredentialBlob; | |
| $Password = ConvertTo-SecureString -String $Password -AsPlainText -Force | |
| $objCreds = New-Object Management.Automation.PSCredential $UserName, $Password | |
| } | |
| ############ Import modules and login to MSOL ############ | |
| If(@(Get-Module | ? { $_.Name -eq "MSOnline"}).Count -eq 0) | |
| { | |
| Import-Module MSOnline; | |
| } | |
| If(@(Get-Module | ? { $_.Name -eq "ActiveDirectory"}).Count -eq 0) | |
| { | |
| Import-Module ActiveDirectory; | |
| } | |
| Try | |
| { | |
| Connect-MsolService -Credential $objCreds | |
| } | |
| Catch [System.Exception] | |
| { | |
| Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - License management Login Failed!" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com | |
| Exit | |
| } | |
| ############ Setup Variables ############ | |
| $dateFormat = "HH:mm:ss dd/MM/yyyy" | |
| ############ Setup logging file ############ | |
| $Logfile="C:\Office365-Scripts\Licencing\LicenceManagement.txt" | |
| ############ Files fontaining the UPN's of user who should have individual Licenses ############ | |
| $CRMSTANDARD_Users="C:\Office365-Scripts\Licencing\Input\CRMSTANDARD.txt" | |
| [System.Collections.ArrayList]$Array_CRMSTANDARD=Get-Content $CRMSTANDARD_Users | |
| $INTUNE_A_Users="C:\Office365-Scripts\Licencing\Input\INTUNE_A.txt" | |
| [System.Collections.ArrayList]$Array_INTUNE_A=Get-Content $INTUNE_A_Users | |
| $OFFICESUBSCRIPTION_FACULTY_Users="C:\Office365-Scripts\Licencing\Input\OFFICESUBSCRIPTION_FACULTY.txt" | |
| [System.Collections.ArrayList]$Array_OFFICESUBSCRIPTION_FACULTY=Get-Content $OFFICESUBSCRIPTION_FACULTY_Users | |
| $OFFICESUBSCRIPTION_STUDENT_Users="C:\Office365-Scripts\Licencing\Input\OFFICESUBSCRIPTION_STUDENT.txt" | |
| [System.Collections.ArrayList]$Array_OFFICESUBSCRIPTION_STUDENT=Get-Content $OFFICESUBSCRIPTION_STUDENT_Users | |
| $POWER_BI_STANDARD_Users="C:\Office365-Scripts\Licencing\Input\POWER_BI_STANDARD.txt" | |
| [System.Collections.ArrayList]$Array_POWER_BI_STANDARD=Get-Content $POWER_BI_STANDARD_Users | |
| $PROJECTONLINE_PLAN_1_FACULTY_Users="C:\Office365-Scripts\Licencing\Input\PROJECTONLINE_PLAN_1_FACULTY.txt" | |
| [System.Collections.ArrayList]$Array_PROJECTONLINE_PLAN_1_FACULTY=Get-Content $PROJECTONLINE_PLAN_1_FACULTY_Users | |
| $PROJECTONLINE_PLAN_1_STUDENT_Users="C:\Office365-Scripts\Licencing\Input\PROJECTONLINE_PLAN_1_STUDENT.txt" | |
| [System.Collections.ArrayList]$Array_PROJECTONLINE_PLAN_1_STUDENT=Get-Content $PROJECTONLINE_PLAN_1_STUDENT_Users | |
| ############ Standard Licencing ############ | |
| $POWER_BI_STANDARD = "<YourTenancyName>:POWER_BI_STANDARD" | |
| $CRMSTANDARD = "<YourTenancyName>:CRMSTANDARD" | |
| $INTUNE_A = "<YourTenancyName>:INTUNE_A" | |
| ############ Faculty Licensing ############ | |
| $STANDARDWOFFPACK_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_FACULTY" | |
| $OFFICESUBSCRIPTION_FACULTY = "<YourTenancyName>:OFFICESUBSCRIPTION_FACULTY" | |
| $STANDARDWOFFPACK_IW_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_IW_FACULTY" | |
| $PROJECTONLINE_PLAN_1_FACULTY ="<YourTenancyName>:PROJECTONLINE_PLAN_1_FACULTY" | |
| ############ Student Licensing ############ | |
| $STANDARDWOFFPACK_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_STUDENT" | |
| $STANDARDWOFFPACK_IW_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_IW_STUDENT" | |
| $PROJECTONLINE_PLAN_1_STUDENT = "<YourTenancyName>:PROJECTONLINE_PLAN_1_STUDENT" | |
| $OFFICESUBSCRIPTION_STUDENT = "<YourTenancyName>:OFFICESUBSCRIPTION_STUDENT" | |
| ############Generic settings ############ | |
| $DisabledPlans = "EXCHANGE_S_STANDARD" | |
| $UsageLocation = "GB" | |
| ############ Define the two types of Licence option - Faculty and Student ############ | |
| $FacultyLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_FACULTY -DisabledPlans $DisabledPlans | |
| $StudentLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_STUDENT -DisabledPlans $DisabledPlans | |
| # | |
| ############ Get users and apply Licenses ############ | |
| # | |
| ############ Do the licenced users first ############ | |
| ForEach($User in (Get-MsolUser -all | where {$_.isLicensed -eq "True"})) | |
| { | |
| If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com") | |
| { | |
| $AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5 | |
| Try | |
| { | |
| $date = Get-Date -Format $dateFormat | |
| $LoggingContent=$null | |
| $Licenses=$null | |
| $SKUIDs=$null | |
| $STANDARDWOFFPACK_STUDENT_Applied=$null | |
| $STANDARDWOFFPACK_FACULTY_Applied=$null | |
| $PROJECTONLINE_PLAN_1_FACULTY_Applied=$null | |
| $POWER_BI_STANDARD_Applied=$null | |
| $CRMSTANDARD_Applied=$null | |
| $INTUNE_A_Applied=$null | |
| $OFFICESUBSCRIPTION_FACULTY_Applied=$null | |
| $LicensesAdded=@() | |
| $LicensesRemoved=@() | |
| $Licenses=$User.Licenses | |
| $SKUIDs=$Licenses.AccountSkuId | |
| ForEach ($SKU in $SKUIDs) | |
| { | |
| If ($SKU -eq $STANDARDWOFFPACK_IW_FACULTY) | |
| { | |
| Try | |
| { | |
| ##### These should not be used, so remove if found ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_FACULTY | |
| $LicensesRemoved += "STANDARDWOFFPACK_IW_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| ##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus ##### | |
| If ($AdUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Add content to the licencing file to ensure that they licence is not subsequently removed.... ##### | |
| Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| Else | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Add content to the licencing file to ensure that they licence is not subsequently removed.... ##### | |
| Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $STANDARDWOFFPACK_IW_STUDENT) | |
| { | |
| Try | |
| { | |
| ##### These should not be used, so remove if found ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_STUDENT | |
| $LicensesRemoved += "STANDARDWOFFPACK_IW_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| ##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus ##### | |
| If ($AdUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Add content to the licencing file to ensure that they licence is not subsequently removed.... ##### | |
| Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| Else | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Add content to the licencing file to ensure that they licence is not subsequently removed.... ##### | |
| Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| ##### Standard O365 Licenses ##### | |
| If ($SKU -eq $STANDARDWOFFPACK_STUDENT) | |
| { | |
| $STANDARDWOFFPACK_STUDENT_Applied="True" | |
| If ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Student licence from Staff member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_STUDENT | |
| $LicensesRemoved += "STANDARDWOFFPACK_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Staff licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $STANDARDWOFFPACK_FACULTY) | |
| { | |
| $STANDARDWOFFPACK_FACULTY_Applied="True" | |
| If ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Staff licence from Student member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_FACULTY | |
| $LicensesRemoved += "STANDARDWOFFPACK_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Student licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| ##### Individual Subscriptions ##### | |
| If ($SKU -eq $PROJECTONLINE_PLAN_1_FACULTY) | |
| { | |
| $PROJECTONLINE_PLAN_1_FACULTY_Applied="True" | |
| If ($Array_PROJECTONLINE_PLAN_1_FACULTY -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Staff licence from Student member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY" | |
| ##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| $Array_PROJECTONLINE_PLAN_1_FACULTY.Remove($User.UserPrincipalName) | |
| Clear-Content $PROJECTONLINE_PLAN_1_STUDENT_Users | |
| ForEach ($UserObject in $Array_PROJECTONLINE_PLAN_1_FACULTY) | |
| { | |
| Add-Content $PROJECTONLINE_PLAN_1_FACULTY_Users $UserObject | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Student licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" | |
| ##### Add content to the licencing file to ensure that the licence is not subsequently removed.... ##### | |
| Add-Content $PROJECTONLINE_PLAN_1_STUDENT_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $PROJECTONLINE_PLAN_1_STUDENT) | |
| { | |
| $PROJECTONLINE_PLAN_1_STUDENT_Applied="True" | |
| If ($Array_PROJECTONLINE_PLAN_1_STUDENT -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Student licence from Staff member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT" | |
| ##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| $Array_PROJECTONLINE_PLAN_1_STUDENT.Remove($User.UserPrincipalName) | |
| Clear-Content $PROJECTONLINE_PLAN_1_STUDENT_Users | |
| ForEach ($UserObject in $Array_PROJECTONLINE_PLAN_1_STUDENT) | |
| { | |
| Add-Content $PROJECTONLINE_PLAN_1_STUDENT_Users $UserObject | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Staff licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" | |
| ##### Add content to the licencing file to ensure that the licence is not subsequently removed.... ##### | |
| Add-Content $PROJECTONLINE_PLAN_1_FACULTY_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $OFFICESUBSCRIPTION_FACULTY) | |
| { | |
| $OFFICESUBSCRIPTION_FACULTY_Applied="True" | |
| If ($Array_OFFICESUBSCRIPTION_FACULTY -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Staff licence from Student member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| $Array_OFFICESUBSCRIPTION_FACULTY.Remove($User.UserPrincipalName) | |
| Clear-Content $OFFICESUBSCRIPTION_FACULTY_Users | |
| ForEach ($UserObject in $Array_OFFICESUBSCRIPTION_FACULTY) | |
| { | |
| Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $UserObject | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Student licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Add content to the licencing file to ensure that the licence is not subsequently removed.... ##### | |
| Add-Content $OFFICESUBSCRIPTION_STUDENT_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $OFFICESUBSCRIPTION_STUDENT) | |
| { | |
| $OFFICESUBSCRIPTION_STUDENT_Applied="True" | |
| If ($Array_OFFICESUBSCRIPTION_STUDENT -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ElseIf ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| ##### Remove Student licence from Staff member ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT | |
| $LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT" | |
| ##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... ##### | |
| $Array_OFFICESUBSCRIPTION_STUDENT.Remove($User.UserPrincipalName) | |
| Clear-Content $OFFICESUBSCRIPTION_STUDENT_Users | |
| ForEach ($UserObject in $Array_OFFICESUBSCRIPTION_STUDENT) | |
| { | |
| Add-Content $OFFICESUBSCRIPTION_STUDENT_Users $UserObject | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| ##### Apply Staff licence ##### | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| ##### Add content to the licencing file to ensure that the licence is not subsequently removed.... ##### | |
| Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $POWER_BI_STANDARD) | |
| { | |
| $POWER_BI_STANDARD_Applied="True" | |
| If ($Array_POWER_BI_STANDARD -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $POWER_BI_STANDARD | |
| $LicensesRemoved += "POWER_BI_STANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $CRMSTANDARD) | |
| { | |
| $CRMSTANDARD_Applied="True" | |
| If ($Array_CRMSTANDARD -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $CRMSTANDARD | |
| $LicensesRemoved += "CRMSTANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| If ($SKU -eq $INTUNE_A) | |
| { | |
| $INTUNE_A_Applied="True" | |
| If ($Array_INTUNE_A -NotContains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $INTUNE_A | |
| $LicensesRemoved += "INTUNE_A" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| #Mop up any other errors | |
| Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com | |
| } | |
| Try | |
| { | |
| ##### Apply individual licences if they are not applied already ##### | |
| If ($Array_PROJECTONLINE_PLAN_1_FACULTY -Contains $User.UserPrincipalName -and $PROJECTONLINE_PLAN_1_FACULTY_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_PROJECTONLINE_PLAN_1_STUDENT -Contains $User.UserPrincipalName -and $PROJECTONLINE_PLAN_1_STUDENT_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_POWER_BI_STANDARD -Contains $User.UserPrincipalName -and $POWER_BI_STANDARD_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD | |
| $LicensesAdded += "POWER_BI_STANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_CRMSTANDARD -Contains $User.UserPrincipalName -and $CRMSTANDARD_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD | |
| $LicensesAdded += "CRMSTANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_INTUNE_A -Contains $User.UserPrincipalName -and $INTUNE_A_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A | |
| $LicensesAdded += "INTUNE_A" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_OFFICESUBSCRIPTION_FACULTY -Contains $User.UserPrincipalName -and $OFFICESUBSCRIPTION_FACULTY_Applied -ne "True") | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| #Mop up any other errors | |
| Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com | |
| } | |
| #Reporting bits: | |
| If ($LicensesAdded.Count -eq 0 -and $LicensesRemoved.Count -gt 0) | |
| { | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",LicensesRemoved," + ($LicensesRemoved -join ',') | |
| } | |
| If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -eq 0) | |
| { | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') | |
| } | |
| If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -gt 0) | |
| { | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') + ",LicensesRemoved," + ($LicensesRemoved -join ',') | |
| } | |
| # Write out the log | |
| Add-Content $Logfile $LoggingContent | |
| # If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to someone who cares... | |
| If ($strMailBody -ne $null) | |
| { | |
| Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer mysmtpserver.blah.com | |
| } | |
| } | |
| } | |
| ############ Now mop up the unlicenced users ############ | |
| ForEach($User in (Get-MsolUser -all | where{$_.isLicensed -ne "True"})) | |
| { | |
| If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com") | |
| { | |
| $date = Get-Date -Format $dateFormat | |
| $LoggingContent=$null | |
| $LicensesAdded=@() | |
| $AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5 | |
| Try | |
| { | |
| If ($ADUser.extensionAttribute5 -eq "Staff") | |
| { | |
| Try | |
| { | |
| # Set usage location | |
| Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody="Error setting UsageLocation for $User.UserPrincipalName" | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| # Set standard O365 licence without Exchange | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($ADUser.extensionAttribute5 -ne "Staff") | |
| { | |
| Try | |
| { | |
| # Set usage location | |
| Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody="Error setting UsageLocation for $User.UserPrincipalName" | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| Try | |
| { | |
| # Set standard O365 licence without Exchange | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions | |
| $LicensesAdded += "STANDARDWOFFPACK_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| ##### Individual Subscriptions ##### | |
| If ($Array_PROJECTONLINE_PLAN_1_FACULTY -Contains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_PROJECTONLINE_PLAN_1_STUDENT -Contains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT | |
| $LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_POWER_BI_STANDARD -Contains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD | |
| $LicensesAdded += "POWER_BI_STANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_CRMSTANDARD -Contains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD | |
| $LicensesAdded += "CRMSTANDARD" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_INTUNE_A -Contains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A | |
| $LicensesAdded += "INTUNE_A" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| If ($Array_OFFICESUBSCRIPTION_FACULTY -Contains $User.UserPrincipalName) | |
| { | |
| Try | |
| { | |
| Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY | |
| $LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" | |
| } | |
| Catch [System.Exception] | |
| { | |
| $strBody=MailBody | |
| $strMailBody=$strMailBody+$strBody | |
| } | |
| } | |
| } | |
| Catch [System.Exception] | |
| { | |
| Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com | |
| } | |
| $LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') | |
| # Write out the log | |
| Add-Content $Logfile $LoggingContent | |
| # If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to someone who cares... | |
| If ($strMailBody -ne $null) | |
| { | |
| Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer mysmtpserver.blah.com | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment