I recently had a to move around a few thousand EMS licences to enable MFA for Office 365 and Azure, I decided to do two quick scripts to remove and add back the licences to the required users. I thought I would do a quick post on how I moved the licences.
As always any scripts should be tested on a subset of users before running on larger groups to test that they work as expected.
For this script we need the Office365 PowerShell module installed.
To check if the module is installed run
Get-Module -ListAvailable MSOnline
First step is to get the AccountSKU to do this run
Import-Module MSonline and then Connect-MsolService
Get-MsolAccountSku | Select-Object AccountSkuId
To make things easier and more repeatable in case I need to remove or add other licence I am using Out-GridView -PassThru to select the CSV file and also the licence SKU.
First Out-GridView is for the Csv file with UserPrincipalName (UPN)
The second is to select the SKU to be removed
Once the two items are selected the script will then run The full remove license script is below. The only part that needs to be updated is the $csv variable to point to the correct folder where the csv files will be kept.
## Bulk Remove licenses ##
## Select Csv file
$csv = Get-ChildItem -Path C:\temp\Office365Licence\Remove\ -File | Out-GridView -PassThru
## Import Csv
$users = Import-Csv $csv.FullName
## Select Account SKU to be removed
$accountSKU = Get-MsolAccountSku | Select-Object AccountSkuId | Out-GridView -PassThru
## Loop through each user in the Csv
foreach($user in $users){
Write-Host "Removing $($accountSKU.AccountSkuId) licence from $($user.UserPrincipalName)" -ForegroundColor Yellow
## Remove licence
Set-MsolUserLicense -UserPrincipalName $user.UserPrincipalName -RemoveLicenses $accountSKU.AccountSkuId
}
The add script is the same only I added a check to confirm if the user requires the licence. The only part that needs to be updated is the $csv variable to point to the correct folder where the csv files will be kept.
Just a note on this I was applying the licence to existing users who where already setup with a usage location so if this is not set the script will error out.
## Bulk Add licences ##
## Select Csv file
$csv = Get-ChildItem -Path C:\temp\Office365Licence\Add\ -File | Out-GridView -PassThru
## Import Csv
$users = Import-Csv $csv.FullName
## Select Account SKU to be removed
$accountSKU = Get-MsolAccountSku | Select-Object AccountSkuId | Out-GridView -PassThru
## Loop through each user in the Csv
foreach ($user in $users) {
## Check if Licence is already applied
$check = Get-MsolUser -UserPrincipalName $user.UserPrincipalName | Select-Object UserPrincipalName,Licenses
Write-Warning "checking for $($accountsku.AccountSkuId) on $($user.UserPrincipalName)"
if ($check.Licenses.AccountSkuId -notcontains $accountsku.AccountSkuId){
## Add licence
Write-Warning "Adding $($accountSKU.AccountSkuId) licence to $($users.UserPrincipalName)"
Set-MsolUserLicense -UserPrincipalName $user.UserPrincipalName -AddLicenses $accountSKU.AccountSkuId
}
else
{
## Licence already applied
Write-Host "$($user.UserPrincipalName) has $($accountsku.AccountSkuId) licence assigned" -ForegroundColor Green
}
}
Source :
https://thesleepyadmins.com/2019/10/12/bulk-add-and-remove-office-365-licences/