Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
o365-licence-management.ps1
$ErrorActionPreference = "Stop"
$Error.Clear()
#####################################################
# Function to generate mail content for licencing errors
Function MailBody
{
$Exception=$error[0].Exception.Message
$Command=$error[0].InvocationInfo.Line
$StrBody="$Exception `r`r$Command `r`r##########################################################################################`r`r"
$Error.Clear()
Return $strBody
}
#####################################################
$sig = @"
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct NativeCredential
{
public UInt32 Flags;
public CRED_TYPE Type;
public IntPtr TargetName;
public IntPtr Comment;
public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
public UInt32 CredentialBlobSize;
public IntPtr CredentialBlob;
public UInt32 Persist;
public UInt32 AttributeCount;
public IntPtr Attributes;
public IntPtr TargetAlias;
public IntPtr UserName;
internal static NativeCredential GetNativeCredential(Credential cred)
{
NativeCredential ncred = new NativeCredential();
ncred.AttributeCount = 0;
ncred.Attributes = IntPtr.Zero;
ncred.Comment = IntPtr.Zero;
ncred.TargetAlias = IntPtr.Zero;
ncred.Type = CRED_TYPE.GENERIC;
ncred.Persist = (UInt32)1;
ncred.CredentialBlobSize = (UInt32)cred.CredentialBlobSize;
ncred.TargetName = Marshal.StringToCoTaskMemUni(cred.TargetName);
ncred.CredentialBlob = Marshal.StringToCoTaskMemUni(cred.CredentialBlob);
ncred.UserName = Marshal.StringToCoTaskMemUni(System.Environment.UserName);
return ncred;
}
}
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct Credential
{
public UInt32 Flags;
public CRED_TYPE Type;
public string TargetName;
public string Comment;
public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
public UInt32 CredentialBlobSize;
public string CredentialBlob;
public UInt32 Persist;
public UInt32 AttributeCount;
public IntPtr Attributes;
public string TargetAlias;
public string UserName;
}
public enum CRED_TYPE : uint
{
GENERIC = 1,
DOMAIN_PASSWORD = 2,
DOMAIN_CERTIFICATE = 3,
DOMAIN_VISIBLE_PASSWORD = 4,
GENERIC_CERTIFICATE = 5,
DOMAIN_EXTENDED = 6,
MAXIMUM = 7, // Maximum supported cred type
MAXIMUM_EX = (MAXIMUM + 1000), // Allow new applications to run on old OSes
}
public class CriticalCredentialHandle : Microsoft.Win32.SafeHandles.CriticalHandleZeroOrMinusOneIsInvalid
{
public CriticalCredentialHandle(IntPtr preexistingHandle)
{
SetHandle(preexistingHandle);
}
public Credential GetCredential()
{
if (!IsInvalid)
{
NativeCredential ncred = (NativeCredential)Marshal.PtrToStructure(handle,
typeof(NativeCredential));
Credential cred = new Credential();
cred.CredentialBlobSize = ncred.CredentialBlobSize;
cred.CredentialBlob = Marshal.PtrToStringUni(ncred.CredentialBlob,
(int)ncred.CredentialBlobSize / 2);
cred.UserName = Marshal.PtrToStringUni(ncred.UserName);
cred.TargetName = Marshal.PtrToStringUni(ncred.TargetName`);
cred.TargetAlias = Marshal.PtrToStringUni(ncred.TargetAlias);
cred.Type = ncred.Type;
cred.Flags = ncred.Flags;
cred.Persist = ncred.Persist;
return cred;
}
else
{
throw new InvalidOperationException("Invalid CriticalHandle!");
}
}
override protected bool ReleaseHandle()
{
if (!IsInvalid)
{
CredFree(handle);
SetHandleAsInvalid();
return true;
}
return false;
}
}
[DllImport("Advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool CredRead(string target, CRED_TYPE type, int reservedFlag, out IntPtr CredentialPtr);
[DllImport("Advapi32.dll", EntryPoint = "CredFree", SetLastError = true)]
public static extern bool CredFree([In] IntPtr cred);
"@
Add-Type -MemberDefinition $sig -Namespace "ADVAPI32" -Name 'Util'
$targetName = "LicenceManagment"
$nCredPtr= New-Object IntPtr
$success = [ADVAPI32.Util]::CredRead($targetName,1,0,[ref] $nCredPtr)
if($success){
$critCred = New-Object ADVAPI32.Util+CriticalCredentialHandle $nCredPtr
$cred = $critCred.GetCredential()
$UserName = $cred.UserName;
$Password = $cred.CredentialBlob;
$Password = ConvertTo-SecureString -String $Password -AsPlainText -Force
$objCreds = New-Object Management.Automation.PSCredential $UserName, $Password
}
############ Import modules and login to MSOL ############
If(@(Get-Module | ? { $_.Name -eq "MSOnline"}).Count -eq 0)
{
Import-Module MSOnline;
}
If(@(Get-Module | ? { $_.Name -eq "ActiveDirectory"}).Count -eq 0)
{
Import-Module ActiveDirectory;
}
Try
{
Connect-MsolService -Credential $objCreds
}
Catch [System.Exception]
{
Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - License management Login Failed!" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com
Exit
}
############ Setup Variables ############
$dateFormat = "HH:mm:ss dd/MM/yyyy"
############ Setup logging file ############
$Logfile="C:\Office365-Scripts\Licencing\LicenceManagement.txt"
############ Files fontaining the UPN's of user who should have individual Licenses ############
$CRMSTANDARD_Users="C:\Office365-Scripts\Licencing\Input\CRMSTANDARD.txt"
[System.Collections.ArrayList]$Array_CRMSTANDARD=Get-Content $CRMSTANDARD_Users
$INTUNE_A_Users="C:\Office365-Scripts\Licencing\Input\INTUNE_A.txt"
[System.Collections.ArrayList]$Array_INTUNE_A=Get-Content $INTUNE_A_Users
$OFFICESUBSCRIPTION_FACULTY_Users="C:\Office365-Scripts\Licencing\Input\OFFICESUBSCRIPTION_FACULTY.txt"
[System.Collections.ArrayList]$Array_OFFICESUBSCRIPTION_FACULTY=Get-Content $OFFICESUBSCRIPTION_FACULTY_Users
$OFFICESUBSCRIPTION_STUDENT_Users="C:\Office365-Scripts\Licencing\Input\OFFICESUBSCRIPTION_STUDENT.txt"
[System.Collections.ArrayList]$Array_OFFICESUBSCRIPTION_STUDENT=Get-Content $OFFICESUBSCRIPTION_STUDENT_Users
$POWER_BI_STANDARD_Users="C:\Office365-Scripts\Licencing\Input\POWER_BI_STANDARD.txt"
[System.Collections.ArrayList]$Array_POWER_BI_STANDARD=Get-Content $POWER_BI_STANDARD_Users
$PROJECTONLINE_PLAN_1_FACULTY_Users="C:\Office365-Scripts\Licencing\Input\PROJECTONLINE_PLAN_1_FACULTY.txt"
[System.Collections.ArrayList]$Array_PROJECTONLINE_PLAN_1_FACULTY=Get-Content $PROJECTONLINE_PLAN_1_FACULTY_Users
$PROJECTONLINE_PLAN_1_STUDENT_Users="C:\Office365-Scripts\Licencing\Input\PROJECTONLINE_PLAN_1_STUDENT.txt"
[System.Collections.ArrayList]$Array_PROJECTONLINE_PLAN_1_STUDENT=Get-Content $PROJECTONLINE_PLAN_1_STUDENT_Users
############ Standard Licencing ############
$POWER_BI_STANDARD = "<YourTenancyName>:POWER_BI_STANDARD"
$CRMSTANDARD = "<YourTenancyName>:CRMSTANDARD"
$INTUNE_A = "<YourTenancyName>:INTUNE_A"
############ Faculty Licensing ############
$STANDARDWOFFPACK_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_FACULTY"
$OFFICESUBSCRIPTION_FACULTY = "<YourTenancyName>:OFFICESUBSCRIPTION_FACULTY"
$STANDARDWOFFPACK_IW_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_IW_FACULTY"
$PROJECTONLINE_PLAN_1_FACULTY ="<YourTenancyName>:PROJECTONLINE_PLAN_1_FACULTY"
############ Student Licensing ############
$STANDARDWOFFPACK_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_STUDENT"
$STANDARDWOFFPACK_IW_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_IW_STUDENT"
$PROJECTONLINE_PLAN_1_STUDENT = "<YourTenancyName>:PROJECTONLINE_PLAN_1_STUDENT"
$OFFICESUBSCRIPTION_STUDENT = "<YourTenancyName>:OFFICESUBSCRIPTION_STUDENT"
############Generic settings ############
$DisabledPlans = "EXCHANGE_S_STANDARD"
$UsageLocation = "GB"
############ Define the two types of Licence option - Faculty and Student ############
$FacultyLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_FACULTY -DisabledPlans $DisabledPlans
$StudentLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_STUDENT -DisabledPlans $DisabledPlans
#
############ Get users and apply Licenses ############
#
############ Do the licenced users first ############
ForEach($User in (Get-MsolUser -all | where {$_.isLicensed -eq "True"}))
{
If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com")
{
$AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5
Try
{
$date = Get-Date -Format $dateFormat
$LoggingContent=$null
$Licenses=$null
$SKUIDs=$null
$STANDARDWOFFPACK_STUDENT_Applied=$null
$STANDARDWOFFPACK_FACULTY_Applied=$null
$PROJECTONLINE_PLAN_1_FACULTY_Applied=$null
$POWER_BI_STANDARD_Applied=$null
$CRMSTANDARD_Applied=$null
$INTUNE_A_Applied=$null
$OFFICESUBSCRIPTION_FACULTY_Applied=$null
$LicensesAdded=@()
$LicensesRemoved=@()
$Licenses=$User.Licenses
$SKUIDs=$Licenses.AccountSkuId
ForEach ($SKU in $SKUIDs)
{
If ($SKU -eq $STANDARDWOFFPACK_IW_FACULTY)
{
Try
{
##### These should not be used, so remove if found #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_FACULTY
$LicensesRemoved += "STANDARDWOFFPACK_IW_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus #####
If ($AdUser.extensionAttribute5 -eq "Staff")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY"
##### Add content to the licencing file to ensure that they licence is not subsequently removed.... #####
Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
Else
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $FacultyLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT"
##### Add content to the licencing file to ensure that they licence is not subsequently removed.... #####
Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $STANDARDWOFFPACK_IW_STUDENT)
{
Try
{
##### These should not be used, so remove if found #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_STUDENT
$LicensesRemoved += "STANDARDWOFFPACK_IW_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus #####
If ($AdUser.extensionAttribute5 -ne "Staff")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $FacultyLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT"
##### Add content to the licencing file to ensure that they licence is not subsequently removed.... #####
Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
Else
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY"
##### Add content to the licencing file to ensure that they licence is not subsequently removed.... #####
Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
##### Standard O365 Licenses #####
If ($SKU -eq $STANDARDWOFFPACK_STUDENT)
{
$STANDARDWOFFPACK_STUDENT_Applied="True"
If ($ADUser.extensionAttribute5 -eq "Staff")
{
Try
{
##### Remove Student licence from Staff member #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_STUDENT
$LicensesRemoved += "STANDARDWOFFPACK_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
##### Apply Staff licence #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $STANDARDWOFFPACK_FACULTY)
{
$STANDARDWOFFPACK_FACULTY_Applied="True"
If ($ADUser.extensionAttribute5 -ne "Staff")
{
Try
{
##### Remove Staff licence from Student member #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_FACULTY
$LicensesRemoved += "STANDARDWOFFPACK_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
##### Apply Student licence #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
##### Individual Subscriptions #####
If ($SKU -eq $PROJECTONLINE_PLAN_1_FACULTY)
{
$PROJECTONLINE_PLAN_1_FACULTY_Applied="True"
If ($Array_PROJECTONLINE_PLAN_1_FACULTY -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY
$LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
ElseIf ($ADUser.extensionAttribute5 -ne "Staff")
{
Try
{
##### Remove Staff licence from Student member #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY
$LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY"
##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... #####
$Array_PROJECTONLINE_PLAN_1_FACULTY.Remove($User.UserPrincipalName)
Clear-Content $PROJECTONLINE_PLAN_1_STUDENT_Users
ForEach ($UserObject in $Array_PROJECTONLINE_PLAN_1_FACULTY)
{
Add-Content $PROJECTONLINE_PLAN_1_FACULTY_Users $UserObject
}
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
##### Apply Student licence #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT
$LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT"
##### Add content to the licencing file to ensure that the licence is not subsequently removed.... #####
Add-Content $PROJECTONLINE_PLAN_1_STUDENT_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $PROJECTONLINE_PLAN_1_STUDENT)
{
$PROJECTONLINE_PLAN_1_STUDENT_Applied="True"
If ($Array_PROJECTONLINE_PLAN_1_STUDENT -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT
$LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
ElseIf ($ADUser.extensionAttribute5 -eq "Staff")
{
Try
{
##### Remove Student licence from Staff member #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT
$LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT"
##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... #####
$Array_PROJECTONLINE_PLAN_1_STUDENT.Remove($User.UserPrincipalName)
Clear-Content $PROJECTONLINE_PLAN_1_STUDENT_Users
ForEach ($UserObject in $Array_PROJECTONLINE_PLAN_1_STUDENT)
{
Add-Content $PROJECTONLINE_PLAN_1_STUDENT_Users $UserObject
}
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
##### Apply Staff licence #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY
$LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY"
##### Add content to the licencing file to ensure that the licence is not subsequently removed.... #####
Add-Content $PROJECTONLINE_PLAN_1_FACULTY_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $OFFICESUBSCRIPTION_FACULTY)
{
$OFFICESUBSCRIPTION_FACULTY_Applied="True"
If ($Array_OFFICESUBSCRIPTION_FACULTY -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
ElseIf ($ADUser.extensionAttribute5 -ne "Staff")
{
Try
{
##### Remove Staff licence from Student member #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY"
##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... #####
$Array_OFFICESUBSCRIPTION_FACULTY.Remove($User.UserPrincipalName)
Clear-Content $OFFICESUBSCRIPTION_FACULTY_Users
ForEach ($UserObject in $Array_OFFICESUBSCRIPTION_FACULTY)
{
Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $UserObject
}
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
##### Apply Student licence #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT"
##### Add content to the licencing file to ensure that the licence is not subsequently removed.... #####
Add-Content $OFFICESUBSCRIPTION_STUDENT_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $OFFICESUBSCRIPTION_STUDENT)
{
$OFFICESUBSCRIPTION_STUDENT_Applied="True"
If ($Array_OFFICESUBSCRIPTION_STUDENT -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT
$LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
ElseIf ($ADUser.extensionAttribute5 -eq "Staff")
{
Try
{
##### Remove Student licence from Staff member #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT
$LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT"
##### Remove the entry relating to this user from the licencing file to ensure that the licence is not subsequently/ mistakenly added again.... #####
$Array_OFFICESUBSCRIPTION_STUDENT.Remove($User.UserPrincipalName)
Clear-Content $OFFICESUBSCRIPTION_STUDENT_Users
ForEach ($UserObject in $Array_OFFICESUBSCRIPTION_STUDENT)
{
Add-Content $OFFICESUBSCRIPTION_STUDENT_Users $UserObject
}
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
Try
{
##### Apply Staff licence #####
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY"
##### Add content to the licencing file to ensure that the licence is not subsequently removed.... #####
Add-Content $OFFICESUBSCRIPTION_FACULTY_Users $User.UserPrincipalName
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $POWER_BI_STANDARD)
{
$POWER_BI_STANDARD_Applied="True"
If ($Array_POWER_BI_STANDARD -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $POWER_BI_STANDARD
$LicensesRemoved += "POWER_BI_STANDARD"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $CRMSTANDARD)
{
$CRMSTANDARD_Applied="True"
If ($Array_CRMSTANDARD -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $CRMSTANDARD
$LicensesRemoved += "CRMSTANDARD"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
If ($SKU -eq $INTUNE_A)
{
$INTUNE_A_Applied="True"
If ($Array_INTUNE_A -NotContains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $INTUNE_A
$LicensesRemoved += "INTUNE_A"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
}
}
Catch [System.Exception]
{
#Mop up any other errors
Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com
}
Try
{
##### Apply individual licences if they are not applied already #####
If ($Array_PROJECTONLINE_PLAN_1_FACULTY -Contains $User.UserPrincipalName -and $PROJECTONLINE_PLAN_1_FACULTY_Applied -ne "True")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY
$LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_PROJECTONLINE_PLAN_1_STUDENT -Contains $User.UserPrincipalName -and $PROJECTONLINE_PLAN_1_STUDENT_Applied -ne "True")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT
$LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_POWER_BI_STANDARD -Contains $User.UserPrincipalName -and $POWER_BI_STANDARD_Applied -ne "True")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD
$LicensesAdded += "POWER_BI_STANDARD"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_CRMSTANDARD -Contains $User.UserPrincipalName -and $CRMSTANDARD_Applied -ne "True")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD
$LicensesAdded += "CRMSTANDARD"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_INTUNE_A -Contains $User.UserPrincipalName -and $INTUNE_A_Applied -ne "True")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A
$LicensesAdded += "INTUNE_A"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_OFFICESUBSCRIPTION_FACULTY -Contains $User.UserPrincipalName -and $OFFICESUBSCRIPTION_FACULTY_Applied -ne "True")
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
Catch [System.Exception]
{
#Mop up any other errors
Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com
}
#Reporting bits:
If ($LicensesAdded.Count -eq 0 -and $LicensesRemoved.Count -gt 0)
{
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",LicensesRemoved," + ($LicensesRemoved -join ',')
}
If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -eq 0)
{
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',')
}
If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -gt 0)
{
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') + ",LicensesRemoved," + ($LicensesRemoved -join ',')
}
# Write out the log
Add-Content $Logfile $LoggingContent
# If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to someone who cares...
If ($strMailBody -ne $null)
{
Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer mysmtpserver.blah.com
}
}
}
############ Now mop up the unlicenced users ############
ForEach($User in (Get-MsolUser -all | where{$_.isLicensed -ne "True"}))
{
If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com")
{
$date = Get-Date -Format $dateFormat
$LoggingContent=$null
$LicensesAdded=@()
$AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5
Try
{
If ($ADUser.extensionAttribute5 -eq "Staff")
{
Try
{
# Set usage location
Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation
}
Catch [System.Exception]
{
$strBody="Error setting UsageLocation for $User.UserPrincipalName"
$strMailBody=$strMailBody+$strBody
}
Try
{
# Set standard O365 licence without Exchange
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($ADUser.extensionAttribute5 -ne "Staff")
{
Try
{
# Set usage location
Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation
}
Catch [System.Exception]
{
$strBody="Error setting UsageLocation for $User.UserPrincipalName"
$strMailBody=$strMailBody+$strBody
}
Try
{
# Set standard O365 licence without Exchange
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions
$LicensesAdded += "STANDARDWOFFPACK_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
##### Individual Subscriptions #####
If ($Array_PROJECTONLINE_PLAN_1_FACULTY -Contains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY
$LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_PROJECTONLINE_PLAN_1_STUDENT -Contains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT
$LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_POWER_BI_STANDARD -Contains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD
$LicensesAdded += "POWER_BI_STANDARD"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_CRMSTANDARD -Contains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD
$LicensesAdded += "CRMSTANDARD"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_INTUNE_A -Contains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A
$LicensesAdded += "INTUNE_A"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
If ($Array_OFFICESUBSCRIPTION_FACULTY -Contains $User.UserPrincipalName)
{
Try
{
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY"
}
Catch [System.Exception]
{
$strBody=MailBody
$strMailBody=$strMailBody+$strBody
}
}
}
Catch [System.Exception]
{
Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer mysmtpserver.blah.com
}
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',')
# Write out the log
Add-Content $Logfile $LoggingContent
# If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to someone who cares...
If ($strMailBody -ne $null)
{
Send-MailMessage -From myadmin@blah.com -To someone@blah.com -cc someone-else@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer mysmtpserver.blah.com
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.