PS Script: Assign Exchange Online licenses based on AAD Security Group

Powershell

Same script edited to assign Exchange Online instead of Lync Online.

AAD Security Group Name: Exchange_Users

Same pre reqs and more information in my earlier post.

[code language=”powershell”]
<#
.SYNOPSIS
Script that assigns Office 365 licenses based on Group membership in AAD.
.DESCRIPTION
The script assigns license Exchange Online Plan 1 or 2 based on Group Membership and that the user doesn’t have a license.
It can seem abit reverse as we enable EnterPrisePack, but disables everything but what we want to keep.
This is just the way it works when workin with Plan Packages, compared to single Plans.
.NOTES
Author: Roy Apalnes
Blog: royapalnes.wordpress.com
Email: roy.apalnes(a)gmail.com
The script are provided “AS IS” with no guarantees, no warranties, and they confer no rights.
Feel free to contact me for assistance.
.Modified
Modifier: Roy Apalnes
Blog: royapalnes.wordpress.com
Modified for Customer X
#>

$Office365Credentials = Get-Credential

# Connect to Microsoft Online
Import-Module MSOnline
Connect-MsolService -Credential $Office365credentials

write-host "Connecting to Office 365…"

#Disabled Plans for assigning Exchange Online only
$disabledPlans= @()
$disabledPlans +="OFFICESUBSCRIPTION"
$disabledPlans +="SHAREPOINTWAC"
$disabledPlans +="RMS_S_ENTERPRISE"
$disabledPlans +="YAMMER_ENTERPRISE"
$disabledPlans +="SHAREPOINTENTERPRISE"
$disabledPlans +="MCOSTANDARD"

#Create a LicenseOption with ENTERPRISEPACK and disable all Plans but Exchange Online
$ExchangeOnly = New-MsolLicenseOptions -AccountSkuId syndication-account:ENTERPRISEPACK -DisabledPlans $disabledPlans

#Country Location is mandatory for license assigning
$UsageLocation = "NO"

#Find ObjectId of every Security Group
$Groups = Get-MsolGroup | Select ObjectId,DisplayName

#Placeholder for our Exchange Online Security Group Object Id
$ExchangeGroupObjectId = $Groups | where {$_.DisplayName -eq "Exchange_Users"} | Select ObjectId

#Placeholder for ObjectIds of every member of Security Group Lync_Users
$ExchangeGroup = Get-MsolGroupMember -GroupObjectId $ExchangeGroupObjectId.ObjectId

#Placeholder for ObjectIds of every member without a License.
$UnlicensedExchangeUsers = $ExchangeGroup | where {-not $_.islicensed} | Select ObjectId

#Set UsageLocation
Set-MsolUser -ObjectId $UnlicensedExchangeUsers.ObjectId -UsageLocation $_.UsageLocation

#Set LicensOption Exchange Online Only
Set-MsolUserLicense -ObjectId $UnlicensedExchangeUsers.ObjectId -AddLicenses syndication-account:ENTERPRISEPACK -LicenseOptions $ExchangeOnly

[/code]

 

Leave a Comment