|
$ErrorActionPreference = "Stop" |
|
$Error.Clear() |
|
##################################################### |
|
# Function to generate mail content for licencing errors |
|
Function MailBody |
|
{ |
|
$Exception=$error[0].Exception.Message |
|
$Command=$error[0].InvocationInfo.Line.Trim() |
|
$StrBody="Error: $Exception `r`rUser: $UserPrincipalName `r`rCommand: $Command `r`r##########################################################################################`r`r" |
|
$Error.Clear() |
|
Return $strBody |
|
} |
|
##################################################### |
|
$sig = @" |
|
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] |
|
public struct NativeCredential |
|
{ |
|
public UInt32 Flags; |
|
public CRED_TYPE Type; |
|
public IntPtr TargetName; |
|
public IntPtr Comment; |
|
public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten; |
|
public UInt32 CredentialBlobSize; |
|
public IntPtr CredentialBlob; |
|
public UInt32 Persist; |
|
public UInt32 AttributeCount; |
|
public IntPtr Attributes; |
|
public IntPtr TargetAlias; |
|
public IntPtr UserName; |
|
internal static NativeCredential GetNativeCredential(Credential cred) |
|
{ |
|
NativeCredential ncred = new NativeCredential(); |
|
ncred.AttributeCount = 0; |
|
ncred.Attributes = IntPtr.Zero; |
|
ncred.Comment = IntPtr.Zero; |
|
ncred.TargetAlias = IntPtr.Zero; |
|
ncred.Type = CRED_TYPE.GENERIC; |
|
ncred.Persist = (UInt32)1; |
|
ncred.CredentialBlobSize = (UInt32)cred.CredentialBlobSize; |
|
ncred.TargetName = Marshal.StringToCoTaskMemUni(cred.TargetName); |
|
ncred.CredentialBlob = Marshal.StringToCoTaskMemUni(cred.CredentialBlob); |
|
ncred.UserName = Marshal.StringToCoTaskMemUni(System.Environment.UserName); |
|
return ncred; |
|
} |
|
} |
|
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] |
|
public struct Credential |
|
{ |
|
public UInt32 Flags; |
|
public CRED_TYPE Type; |
|
public string TargetName; |
|
public string Comment; |
|
public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten; |
|
public UInt32 CredentialBlobSize; |
|
public string CredentialBlob; |
|
public UInt32 Persist; |
|
public UInt32 AttributeCount; |
|
public IntPtr Attributes; |
|
public string TargetAlias; |
|
public string UserName; |
|
} |
|
public enum CRED_TYPE : uint |
|
{ |
|
GENERIC = 1, |
|
DOMAIN_PASSWORD = 2, |
|
DOMAIN_CERTIFICATE = 3, |
|
DOMAIN_VISIBLE_PASSWORD = 4, |
|
GENERIC_CERTIFICATE = 5, |
|
DOMAIN_EXTENDED = 6, |
|
MAXIMUM = 7, // Maximum supported cred type |
|
MAXIMUM_EX = (MAXIMUM + 1000), // Allow new applications to run on old OSes |
|
} |
|
public class CriticalCredentialHandle : Microsoft.Win32.SafeHandles.CriticalHandleZeroOrMinusOneIsInvalid |
|
{ |
|
public CriticalCredentialHandle(IntPtr preexistingHandle) |
|
{ |
|
SetHandle(preexistingHandle); |
|
} |
|
public Credential GetCredential() |
|
{ |
|
if (!IsInvalid) |
|
{ |
|
NativeCredential ncred = (NativeCredential)Marshal.PtrToStructure(handle, |
|
typeof(NativeCredential)); |
|
Credential cred = new Credential(); |
|
cred.CredentialBlobSize = ncred.CredentialBlobSize; |
|
cred.CredentialBlob = Marshal.PtrToStringUni(ncred.CredentialBlob, |
|
(int)ncred.CredentialBlobSize / 2); |
|
cred.UserName = Marshal.PtrToStringUni(ncred.UserName); |
|
cred.TargetName = Marshal.PtrToStringUni(ncred.TargetName`); |
|
cred.TargetAlias = Marshal.PtrToStringUni(ncred.TargetAlias); |
|
cred.Type = ncred.Type; |
|
cred.Flags = ncred.Flags; |
|
cred.Persist = ncred.Persist; |
|
return cred; |
|
} |
|
else |
|
{ |
|
throw new InvalidOperationException("Invalid CriticalHandle!"); |
|
} |
|
} |
|
override protected bool ReleaseHandle() |
|
{ |
|
if (!IsInvalid) |
|
{ |
|
CredFree(handle); |
|
SetHandleAsInvalid(); |
|
return true; |
|
} |
|
return false; |
|
} |
|
} |
|
[DllImport("Advapi32.dll", EntryPoint = "CredReadW", CharSet = CharSet.Unicode, SetLastError = true)] |
|
public static extern bool CredRead(string target, CRED_TYPE type, int reservedFlag, out IntPtr CredentialPtr); |
|
[DllImport("Advapi32.dll", EntryPoint = "CredFree", SetLastError = true)] |
|
public static extern bool CredFree([In] IntPtr cred); |
|
"@ |
|
Add-Type -MemberDefinition $sig -Namespace "ADVAPI32" -Name 'Util' |
|
$targetName = "LicenceManagment" |
|
$nCredPtr= New-Object IntPtr |
|
$success = [ADVAPI32.Util]::CredRead($targetName,1,0,[ref] $nCredPtr) |
|
if($success){ |
|
$critCred = New-Object ADVAPI32.Util+CriticalCredentialHandle $nCredPtr |
|
$cred = $critCred.GetCredential() |
|
$UserName = $cred.UserName; |
|
$Password = $cred.CredentialBlob; |
|
$Password = ConvertTo-SecureString -String $Password -AsPlainText -Force |
|
$objCreds = New-Object Management.Automation.PSCredential $UserName, $Password |
|
} |
|
############ Import modules and login to MSOL ############ |
|
If(@(Get-Module | ? { $_.Name -eq "MSOnline"}).Count -eq 0) |
|
{ |
|
Import-Module MSOnline; |
|
} |
|
If(@(Get-Module | ? { $_.Name -eq "ActiveDirectory"}).Count -eq 0) |
|
{ |
|
Import-Module ActiveDirectory; |
|
} |
|
Try |
|
{ |
|
Connect-MsolService -Credential $objCreds |
|
} |
|
Catch [System.Exception] |
|
{ |
|
Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - License management Login Failed!" -Body $_.Exception.Message -SmtpServer smtp.blah.com |
|
Write-Host $_.Exception.Message |
|
Exit |
|
} |
|
############ Setup Variables ############ |
|
$dateFormat = "HH:mm:ss dd/MM/yyyy" |
|
############ Setup logging file ############ |
|
$Logfile="C:\Office365-Scripts\Licencing\LicenceManagement.txt" |
|
############ AD Groups containing whose users who should have individual Licenses ############ |
|
$MEMBERS_CRMSTANDARD=Get-ADGroupMember -Identity CRMSTANDARD_Users |
|
$MEMBERS_INTUNE_A=Get-ADGroupMember -Identity INTUNE_A_Users |
|
$MEMBERS_OFFICESUBSCRIPTION_FACULTY=Get-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users |
|
$MEMBERS_OFFICESUBSCRIPTION_STUDENT=Get-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users |
|
$MEMBERS_POWER_BI_STANDARD=Get-ADGroupMember -Identity POWER_BI_STANDARD_Users |
|
$MEMBERS_PROJECTONLINE_PLAN_1_FACULTY=Get-ADGroupMember -Identity PROJECTONLINE_PLAN_1_FACULTY_Users |
|
$MEMBERS_PROJECTONLINE_PLAN_1_STUDENT=Get-ADGroupMember -Identity PROJECTONLINE_PLAN_1_STUDENT_Users |
|
######################## Standard Licencing ###################### |
|
$POWER_BI_STANDARD = "<YourTenancyName>:POWER_BI_STANDARD" |
|
$CRMSTANDARD = "<YourTenancyName>:CRMSTANDARD" |
|
$INTUNE_A = "<YourTenancyName>:INTUNE_A" |
|
######################## Faculty Licensing ####################### |
|
$STANDARDWOFFPACK_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_FACULTY" |
|
$OFFICESUBSCRIPTION_FACULTY = "<YourTenancyName>:OFFICESUBSCRIPTION_FACULTY" |
|
$STANDARDWOFFPACK_IW_FACULTY = "<YourTenancyName>:STANDARDWOFFPACK_IW_FACULTY" |
|
$PROJECTONLINE_PLAN_1_FACULTY ="<YourTenancyName>:PROJECTONLINE_PLAN_1_FACULTY" |
|
######################## Student Licensing ####################### |
|
$STANDARDWOFFPACK_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_STUDENT" |
|
$STANDARDWOFFPACK_IW_STUDENT = "<YourTenancyName>:STANDARDWOFFPACK_IW_STUDENT" |
|
$PROJECTONLINE_PLAN_1_STUDENT = "<YourTenancyName>:PROJECTONLINE_PLAN_1_STUDENT" |
|
$OFFICESUBSCRIPTION_STUDENT = "<YourTenancyName>:OFFICESUBSCRIPTION_STUDENT" |
|
######################## Generic settings ######################## |
|
$DisabledPlans = "EXCHANGE_S_STANDARD" |
|
$UsageLocation = "GB" |
|
############ Define the two types of Licence option - Faculty and Student ############ |
|
$FacultyLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_FACULTY -DisabledPlans $DisabledPlans |
|
$StudentLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_STUDENT -DisabledPlans $DisabledPlans |
|
# |
|
############ Get users and apply Licenses ############ |
|
# |
|
############ Do the licenced users first ############ |
|
ForEach($User in (Get-MsolUser -all | where {$_.isLicensed -eq "True"})) |
|
#ForEach($User in (Get-MsolUser -all | where {$_.UserPrincipalName -eq "someotheradmin@blah.com"})) |
|
{ |
|
If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com") |
|
{ |
|
$AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5, sAMAccountName |
|
Try |
|
{ |
|
$date = Get-Date -Format $dateFormat |
|
$LoggingContent=$null |
|
$Licenses=$null |
|
$SKUIDs=$null |
|
$STANDARDWOFFPACK_STUDENT_Applied=$null |
|
$STANDARDWOFFPACK_FACULTY_Applied=$null |
|
$PROJECTONLINE_PLAN_1_FACULTY_Applied=$null |
|
$POWER_BI_STANDARD_Applied=$null |
|
$CRMSTANDARD_Applied=$null |
|
$INTUNE_A_Applied=$null |
|
$OFFICESUBSCRIPTION_FACULTY_Applied=$null |
|
$LicensesAdded=@() |
|
$LicensesRemoved=@() |
|
$Licenses=$User.Licenses |
|
$SKUIDs=$Licenses.AccountSkuId |
|
ForEach ($SKU in $SKUIDs) |
|
{ |
|
If ($SKU -eq $STANDARDWOFFPACK_IW_FACULTY) |
|
{ |
|
Try |
|
{ |
|
##### These should not be used, so remove if found ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_FACULTY |
|
$LicensesRemoved += "STANDARDWOFFPACK_IW_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus ##### |
|
If ($AdUser.extensionAttribute5 -eq "Staff") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_FACULTY" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" |
|
##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
Else |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_STUDENT" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" |
|
##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $STANDARDWOFFPACK_IW_STUDENT) |
|
{ |
|
Try |
|
{ |
|
##### These should not be used, so remove if found ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_IW_STUDENT |
|
$LicensesRemoved += "STANDARDWOFFPACK_IW_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
##### But then we need to replace that with a "normal" O365 licence, plus Pro Plus ##### |
|
If ($AdUser.extensionAttribute5 -ne "Staff") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_STUDENT" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" |
|
##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
Else |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_FACULTY" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" |
|
##### Add user to the AD group to ensure that they licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
##### Standard O365 Licenses ##### |
|
If ($SKU -eq $STANDARDWOFFPACK_STUDENT) |
|
{ |
|
$STANDARDWOFFPACK_STUDENT_Applied="True" |
|
If ($ADUser.extensionAttribute5 -eq "Staff") |
|
{ |
|
Try |
|
{ |
|
##### Remove Student licence from Staff member ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_STUDENT |
|
$LicensesRemoved += "STANDARDWOFFPACK_STUDENT" |
|
##### Remove user from the AD group ##### |
|
Remove-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName -Confirm:$False |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
##### Apply Staff licence ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_FACULTY" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $STANDARDWOFFPACK_FACULTY) |
|
{ |
|
$STANDARDWOFFPACK_FACULTY_Applied="True" |
|
If ($ADUser.extensionAttribute5 -ne "Staff") |
|
{ |
|
Try |
|
{ |
|
##### Remove Staff licence from Student member ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_FACULTY |
|
$LicensesRemoved += "STANDARDWOFFPACK_FACULTY" |
|
##### Remove user from the AD group ##### |
|
Remove-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName -Confirm:$False |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
##### Apply Student licence ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_STUDENT" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
##### Individual Subscriptions ##### |
|
If ($SKU -eq $PROJECTONLINE_PLAN_1_FACULTY) |
|
{ |
|
$PROJECTONLINE_PLAN_1_FACULTY_Applied="True" |
|
If ($MEMBERS_PROJECTONLINE_PLAN_1_FACULTY.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY |
|
$LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
ElseIf ($ADUser.extensionAttribute5 -ne "Staff") |
|
{ |
|
Try |
|
{ |
|
##### Remove Staff licence from Student member ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_FACULTY |
|
$LicensesRemoved += "PROJECTONLINE_PLAN_1_FACULTY" |
|
##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### |
|
Remove-ADGroupMember -Identity PROJECTONLINE_PLAN_1_FACULTY_Users -Members $AdUser.sAMAccountName -Confirm:$False |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
##### Apply Student licence ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT |
|
$LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" |
|
##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity PROJECTONLINE_PLAN_1_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $PROJECTONLINE_PLAN_1_STUDENT) |
|
{ |
|
$PROJECTONLINE_PLAN_1_STUDENT_Applied="True" |
|
If ($MEMBERS_PROJECTONLINE_PLAN_1_STUDENT.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT |
|
$LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
ElseIf ($ADUser.extensionAttribute5 -eq "Staff") |
|
{ |
|
Try |
|
{ |
|
##### Remove Student licence from Staff member ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $PROJECTONLINE_PLAN_1_STUDENT |
|
$LicensesRemoved += "PROJECTONLINE_PLAN_1_STUDENT" |
|
##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### |
|
Remove-ADGroupMember -Identity PROJECTONLINE_PLAN_1_STUDENT_Users -Members $AdUser.sAMAccountName -Confirm:$False |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
##### Apply Staff licence ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY |
|
$LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" |
|
##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity PROJECTONLINE_PLAN_1_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $OFFICESUBSCRIPTION_FACULTY) |
|
{ |
|
$OFFICESUBSCRIPTION_FACULTY_Applied="True" |
|
If ($MEMBERS_OFFICESUBSCRIPTION_FACULTY.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
ElseIf ($ADUser.extensionAttribute5 -ne "Staff") |
|
{ |
|
Try |
|
{ |
|
##### Remove Staff licence from Student member ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesRemoved += "OFFICESUBSCRIPTION_FACULTY" |
|
##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### |
|
Remove-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName -Confirm:$False |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
##### Apply Student licence ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" |
|
##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $OFFICESUBSCRIPTION_STUDENT) |
|
{ |
|
$OFFICESUBSCRIPTION_STUDENT_Applied="True" |
|
If ($MEMBERS_OFFICESUBSCRIPTION_STUDENT.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
ElseIf ($ADUser.extensionAttribute5 -eq "Staff") |
|
{ |
|
Try |
|
{ |
|
##### Remove Student licence from Staff member ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesRemoved += "OFFICESUBSCRIPTION_STUDENT" |
|
##### Remove user from the AD group to ensure that the licence is not subsequently/ mistakenly added again.... ##### |
|
Remove-ADGroupMember -Identity OFFICESUBSCRIPTION_STUDENT_Users -Members $AdUser.sAMAccountName -Confirm:$False |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
##### Apply Staff licence ##### |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" |
|
##### Add user to the AD group to ensure that the licence is not subsequently removed.... ##### |
|
Add-ADGroupMember -Identity OFFICESUBSCRIPTION_FACULTY_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $POWER_BI_STANDARD) |
|
{ |
|
$POWER_BI_STANDARD_Applied="True" |
|
If ($MEMBERS_POWER_BI_STANDARD.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $POWER_BI_STANDARD |
|
$LicensesRemoved += "POWER_BI_STANDARD" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $CRMSTANDARD) |
|
{ |
|
$CRMSTANDARD_Applied="True" |
|
If ($MEMBERS_CRMSTANDARD.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $CRMSTANDARD |
|
$LicensesRemoved += "CRMSTANDARD" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($SKU -eq $INTUNE_A) |
|
{ |
|
$INTUNE_A_Applied="True" |
|
If ($MEMBERS_INTUNE_A.SamAccountName -NotContains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
#If the user is not in the group, then simply revoke the licence |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $INTUNE_A |
|
$LicensesRemoved += "INTUNE_A" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
} |
|
} |
|
Catch [System.Exception] |
|
{ |
|
#Mop up any other errors |
|
Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer smtp.blah.com |
|
Write-Host $_.Exception.Message |
|
} |
|
Try |
|
{ |
|
##### Apply individual licences if they are not applied already ##### |
|
If ($MEMBERS_PROJECTONLINE_PLAN_1_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName -and $PROJECTONLINE_PLAN_1_FACULTY_Applied -ne "True") |
|
{ |
|
#Setup the bits that we don't want, because they are already present in the Project license and will cause an error otherwise... |
|
$DisabledPlans=@() |
|
$DisabledPlans+="EXCHANGE_S_STANDARD" |
|
$DisabledPlans+="SHAREPOINTSTANDARD_EDU" |
|
$DisabledPlans+="SHAREPOINTWAC_EDU" |
|
# Define the Licence options |
|
$FacultyLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_FACULTY -DisabledPlans $DisabledPlans |
|
# |
|
#First we need to remove the standard licence..... in order to remove SHAREPOINTSTANDARD_EDU and SHAREPOINTWAC_EDU, we'll add the bits that we want back in a mo' |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_FACULTY |
|
Start-Sleep -s 30 |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
#Now set the new licence in place |
|
$CheckUser=Get-MSOLUser -UserPrincipalName $User.UserPrincipalName |
|
$CheckLicenses=$CheckUser.Licenses |
|
$CheckSKUIDs=$CheckLicenses.AccountSkuId |
|
If ($CheckSKUIDs -NotContains $STANDARDWOFFPACK_FACULTY) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
# Then try putting the full Project licence in place |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY |
|
$LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($MEMBERS_PROJECTONLINE_PLAN_1_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName -and $PROJECTONLINE_PLAN_1_STUDENT_Applied -ne "True") |
|
{ |
|
#Setup the bits that we don't want, because they are already present in the Project license and will cause an error otherwise... |
|
$DisabledPlans=@() |
|
$DisabledPlans+="EXCHANGE_S_STANDARD" |
|
$DisabledPlans+="SHAREPOINTSTANDARD_EDU" |
|
$DisabledPlans+="SHAREPOINTWAC_EDU" |
|
# Define the Licence options |
|
$StudentLicenseOptions = New-MsolLicenseOptions -AccountSkuId $STANDARDWOFFPACK_STUDENT -DisabledPlans $DisabledPlans |
|
# |
|
#First we need to remove the standard licence..... in order to remove SHAREPOINTSTANDARD_EDU and SHAREPOINTWAC_EDU, we'll add the bits that we want back in a mo' |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -RemoveLicenses $STANDARDWOFFPACK_STUDENT |
|
Start-Sleep -s 30 |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
#Now set the new licence in place |
|
$CheckUser=Get-MSOLUser -UserPrincipalName $User.UserPrincipalName |
|
$CheckLicenses=$CheckUser.Licenses |
|
$CheckSKUIDs=$CheckLicenses.AccountSkuId |
|
If ($CheckSKUIDs -NotContains $STANDARDWOFFPACK_STUDENT) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
# Then try putting the full Project licence in place |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT |
|
$LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
If ($MEMBERS_POWER_BI_STANDARD.SamAccountName -Contains $AdUser.sAMAccountName -and $POWER_BI_STANDARD_Applied -ne "True") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD |
|
$LicensesAdded += "POWER_BI_STANDARD" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_CRMSTANDARD.SamAccountName -Contains $AdUser.sAMAccountName -and $CRMSTANDARD_Applied -ne "True") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD |
|
$LicensesAdded += "CRMSTANDARD" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_INTUNE_A.SamAccountName -Contains $AdUser.sAMAccountName -and $INTUNE_A_Applied -ne "True") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A |
|
$LicensesAdded += "INTUNE_A" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_OFFICESUBSCRIPTION_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName -and $OFFICESUBSCRIPTION_FACULTY_Applied -ne "True") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_OFFICESUBSCRIPTION_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName -and $OFFICESUBSCRIPTION_STUDENT_Applied -ne "True") |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
Catch [System.Exception] |
|
{ |
|
#Mop up any other errors |
|
Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer smtp.blah.com |
|
Write-Host $_.Exception.Message |
|
} |
|
#Reporting bits: |
|
If ($LicensesAdded.Count -eq 0 -and $LicensesRemoved.Count -gt 0) |
|
{ |
|
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",LicensesRemoved," + ($LicensesRemoved -join ',') |
|
} |
|
If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -eq 0) |
|
{ |
|
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') |
|
} |
|
If ($LicensesAdded.Count -gt 0 -and $LicensesRemoved.Count -gt 0) |
|
{ |
|
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') + ",LicensesRemoved," + ($LicensesRemoved -join ',') |
|
} |
|
# Write out the log |
|
Add-Content $Logfile $LoggingContent |
|
# If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to admins... |
|
If ($strMailBody -ne $null) |
|
{ |
|
Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer smtp.blah.com |
|
Write-Host $strMailBody |
|
} |
|
} |
|
} |
|
############ Now mop up the unlicenced users ############ |
|
ForEach($User in (Get-MsolUser -all | where{$_.isLicensed -ne "True"})) |
|
{ |
|
If($User.UserPrincipalName -notlike "*<YourTenancyName>.onmicrosoft.com" -and $User.UserPrincipalName -ne "DirSync@blah.com") |
|
{ |
|
$date = Get-Date -Format $dateFormat |
|
$LoggingContent=$null |
|
$LicensesAdded=@() |
|
$AdUser=Get-ADUser -Filter {UserPrincipalName -eq $User.UserPrincipalName} -Properties extensionAttribute5, sAMAccountName |
|
Try |
|
{ |
|
If ($ADUser.extensionAttribute5 -eq "Staff") |
|
{ |
|
Try |
|
{ |
|
# Set usage location |
|
Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody="Error setting UsageLocation for $User.UserPrincipalName" |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
# Set standard O365 licence without Exchange |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_FACULTY -LicenseOptions $FacultyLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_FACULTY" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_FACULTY_Users -Members $AdUser.sAMAccountName |
|
|
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($ADUser.extensionAttribute5 -ne "Staff") |
|
{ |
|
Try |
|
{ |
|
# Set usage location |
|
Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation $UsageLocation |
|
|
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody="Error setting UsageLocation for $User.UserPrincipalName" |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
Try |
|
{ |
|
# Set standard O365 licence without Exchange |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $STANDARDWOFFPACK_STUDENT -LicenseOptions $StudentLicenseOptions |
|
$LicensesAdded += "STANDARDWOFFPACK_STUDENT" |
|
##### Add user to the AD group - just for reference.... ##### |
|
Add-ADGroupMember -Identity STANDARDWOFFPACK_STUDENT_Users -Members $AdUser.sAMAccountName |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
##### Individual Subscriptions for unlicenced users - unlikely to ever hit here... ##### |
|
If ($MEMBERS_PROJECTONLINE_PLAN_1_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_FACULTY |
|
$LicensesAdded += "PROJECTONLINE_PLAN_1_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_PROJECTONLINE_PLAN_1_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $PROJECTONLINE_PLAN_1_STUDENT |
|
$LicensesAdded += "PROJECTONLINE_PLAN_1_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_POWER_BI_STANDARD.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $POWER_BI_STANDARD |
|
$LicensesAdded += "POWER_BI_STANDARD" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_CRMSTANDARD.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $CRMSTANDARD |
|
$LicensesAdded += "CRMSTANDARD" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_INTUNE_A.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $INTUNE_A |
|
$LicensesAdded += "INTUNE_A" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_OFFICESUBSCRIPTION_FACULTY.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_FACULTY |
|
$LicensesAdded += "OFFICESUBSCRIPTION_FACULTY" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
If ($MEMBERS_OFFICESUBSCRIPTION_STUDENT.SamAccountName -Contains $AdUser.sAMAccountName) |
|
{ |
|
Try |
|
{ |
|
Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName -AddLicenses $OFFICESUBSCRIPTION_STUDENT |
|
$LicensesAdded += "OFFICESUBSCRIPTION_STUDENT" |
|
} |
|
Catch [System.Exception] |
|
{ |
|
$strBody=MailBody |
|
$strMailBody=$strMailBody+$strBody |
|
} |
|
} |
|
} |
|
Catch [System.Exception] |
|
{ |
|
Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $_.Exception.Message -SmtpServer smtp.blah.com |
|
Write-Host $_.Exception.Message |
|
} |
|
$LoggingContent=$Date + ",User," + $User.UserPrincipalName + ",Licenses Added," + ($LicensesAdded -join ',') |
|
# Write out the log |
|
Add-Content $Logfile $LoggingContent |
|
# If any errors occurred adding or removing icences - the variable $strMailBody will have some content, so send it to admins... |
|
If ($strMailBody -ne $null) |
|
{ |
|
Send-MailMessage -From admin@blah.com -To someadmin@blah.com -cc someotheradmin@blah.com -Subject "ERROR - O365 Licence Management" -Body $strMailBody -SmtpServer smtp.blah.com |
|
Write-Host $strMailBody |
|
} |
|
} |
|
} |