Created
November 13, 2020 00:29
-
-
Save technion/9b6e87acebbb59848dd8e47e846cc5cb to your computer and use it in GitHub Desktop.
Office 365 license management
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Set-StrictMode -Version 2 | |
# Connect first | |
# Connect-AzureAD | |
function Get-LicencesforUser | |
{ | |
param([object]$user) | |
# $user should be populated with | |
# $user = Get-AzureADUser -ObjectId username@domain.com | |
$ret = @() | |
$currentLicences = $user | select -ExpandProperty AssignedLicenses | |
foreach ($currentLicense in $currentLicences) { | |
$ret += ($licenses | where { $_.skuId -eq $currentLicense.SkuID }).SkuPartNumber | |
} | |
return $ret | |
} | |
# Find the SKU of the ATP license and create an object that can be applied | |
$licenses = Get-AzureADSubscribedSku | |
$atp = $licenses | where { $_.skuPartNumber -eq 'ATP_ENTERPRISE' } | |
$atpLicense = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense | |
$atpLicense.SkuId = $atp.SkuId | |
$licensesToAssign = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses | |
$licensesToAssign.AddLicenses = $atpLicense | |
#Show License on User - example | |
#$user = Get-AzureADUser -ObjectId user@thing.com | |
#Get-LicencesforUser -user $user | |
$allActiveUsers = Get-AzureADUser -All $true | where { $_.AccountEnabled -eq $true -and $_.immutableid -ne $null } | |
#Get SkuID for Office E2 | |
$e2sku = ($licenses | where { $_.skuPartNumber -eq 'STANDARDWOFFPACK' }).SkuID | |
$e5secsku = ($licenses | where { $_.skuPartNumber -eq 'IDENTITY_THREAT_PROTECTION' }).SkuID | |
$count = 0 | |
foreach ($activeUser in $allActiveUsers) { | |
$currentLicences = $activeUser| select -ExpandProperty AssignedLicenses | |
if (!($currentLicences | where { $_.skuid -contains $e2sku })) { | |
write-host "User $($activeUser.UserprincipalName) has no E2" | |
continue | |
} | |
if ($currentLicences | where { $_.skuid -contains $atp.SkuID }) { | |
write-host "User $($activeUser.UserprincipalName) already has an ATP License" | |
continue | |
} | |
if ($currentLicences | where { $_.skuid -contains $e5secsku }) { | |
write-host "User $($activeUser.UserprincipalName) already has an E5 Sec License" | |
continue | |
} | |
write-host "Now applying ATP to $($activeUser.UserprincipalName)" | |
$count += 1 | |
# Set-AzureADUserLicense -ObjectId $activeUser.ObjectId -AssignedLicenses $licensesToAssign | |
} | |
write-host "Applied $count licences" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment