Manage licenses with PowerShell in Azure Active Directory!

Hi Azure friends,

In this article, I will describe how you can use PowerShell in Azure Active Directory to quickly get information about licenses. I have summarized a few experiences and would like to share them with you.

I used the PowerShell ISE for this configuration. But you are also very welcome to use Visual Studio Code, just as you wish. Please start with the following steps to begin the deployment (the Hashtags are comments):

#The first two lines have nothing to do with the configuration, but make some space below in the blue part of the ISE

Set-Location C:\Temp
Clear-Host

#We need the cmdlets
Install-Module -Name AzureAD -AllowClobber -Force -Verbose

#Sometimes the module must be imported
Import-Module AzureAD

#Lets connect to the Azure Active Directory
Connect-AzureAD

#What licenses are available?
Get-AzureADSubscribedSku

#More info about the license package
Get-AzureADSubscribedSku | Select-Object -Property ObjectId, SkuPartNumber, ConsumedUnits -ExpandProperty PrepaidUnits

#What is included in the license package
Get-AzureADSubscribedSku `
-ObjectId 95b14fab-6bbf-4756-94d4-99993dd27f55_05e9a617-0261-4cee-bb44-138d3ef5d965 | Select-Object -ExpandProperty ServicePlans

#To list all licensed users
Get-AzureAdUser | ForEach { $licensed=$False ; For ($i=0; $i -le ($_.AssignedLicenses | Measure).Count ; $i++)`
{ If( [string]::IsNullOrEmpty( $_.AssignedLicenses[$i].SkuId ) -ne $True) { $licensed=$true } } ; If( $licensed -eq $true)`
{ Write-Host $_.UserPrincipalName} }

#To list all of the unlicensed users
Get-AzureAdUser | ForEach{ $licensed=$False ; For ($i=0; $i -le ($_.AssignedLicenses | Measure).Count ; $i++)`
{ If( [string]::IsNullOrEmpty( $_.AssignedLicenses[$i].SkuId ) -ne $True) { $licensed=$true } } ; If( $licensed -eq $false)`
{ Write-Host $_.UserPrincipalName} }

#Do users have a usage location?
Get-AzureADUser | Select DisplayName,Department,UsageLocation

#We select a user
$User = Get-AzureADUser -ObjectId fred.prefect@tomscloud.ch

#The user needs a location
Set-AzureADUser -ObjectId $User.ObjectId -UsageLocation CH

#We need the SKU ID
Get-AzureADSubscribedSku | Select SkuPartNumber, SkuID

#Create the AssignedLicense object
$Sku = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense

#Set the SKU ID
$Sku.SkuId = "6fd2c87f-b296-42f0-b197-1e91e994b900"

#Create the AssignedLicenses Object
$Licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses

#Add the SKU
$Licenses.AddLicenses = $Sku

#Setting a License to a User
Set-AzureADUserLicense -ObjectId $User.ObjectId -AssignedLicenses $Licenses

#Creating a Custom License
$User = Get-AzureADUser -ObjectId fred.prefect@tomscloud.ch.ch

#Create the AssignedLicense object
$Sku = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense

#Add the SKU

$Sku.SkuId = "6fd2c87f-b296-42f0-b197-1e91e994b900"

#Show the ServicePlans
Get-AzureADSubscribedSku -ObjectId 95b14fab-6bbf-4756-94d4-99993dd27f55_05e9a617-0261-4cee-bb44-138d3ef5d965 | Select-Object -ExpandProperty ServicePlans

#Get the LicenseSKU and create the Disabled ServicePlans object
$Sku.DisabledPlans = @("a23b959c-7ce8-4e57-9140-b90eb88a9e97","aebd3021-9f8f-4bf8-bbe3-0ed2f4f047a1")

#Create the AssignedLicenses Object
$Licenses = New-Object –TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses

#Add the SKU
$Licenses.AddLicenses = $Sku

#Assign the license to the user
Set-AzureADUserLicense -ObjectId $User.ObjectId -AssignedLicenses $Licenses

Now you have successfully edited the licenses with PowerShell in Azure Active Directory!
Congratulations!

I hope this article was useful. Best regards, Tom Wechsler

P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler