There will be a time when you will need to assign licenses based on group membership (AD Security/Distribution Groups). Below I have created a script that will assist in this effort.
Summary of the steps:
- First we set a few variables upfront with their values
- Now for some logging. This will create a log file for error logging. No need to delete it, it will append each time you run the script.
- Now let’s get the Group Members
- Now we create a variable that holds our service options (Optional)
- Now for the work; We will get the group members, set their locations, and apply the license(s) with options.
- And to close it out we will “stop the logging”
Here is the script: ENJOY!!!!
#set your variables
Set-Variable -name GroupName -value “<SecurityGroup Name>”
Set-Variable -name UsageLocation -value <Type the location here; example: US>
##create Log file for logging
$Log = “<Name your log file here>” + “.log”
$ErrorActionPreference=”SilentlyContinue”
Stop-Transcript | out-null
$ErrorActionPreference = “Continue”
Start-Transcript -path $Log -append
###get group members
$secGP = Get-MsolGroup -SearchString $GroupName
$secObj = $secGP.ObjectId
####set license Options; use this if you want to disable service option
$NoSkypeAccountSku = New-MsolLicenseOptions -AccountSkuId “<Your Tenant Name here:ENTERPRISEPACK>” -disabledPlans “MCOSTANDARD”
#####get your group members, set your location for members and assign licenses
Get-MsolGroupMember -GroupObjectId $secObj -All | ForEach-Object {
Set-MsolUser -ObjectId $_.ObjectId -UsageLocation $UsageLocation
Set-MsolUserLicense -UserPrincipalName $_.EmailAddress -AddLicenses “<Your Tenant Name Here:ENTERPRISEPACK>” -licenseOptions $NoSkypeAccountSku
}
######stop your logging
Stop-Transcript
