SOLVED

add ad users to a ad security group input from msol accountskuid

Contributor

I am trying this command to first geet the users in Azure who have a standardpack license and then add tthos users to a on-premise AD security group. The users which are retrieved from Azure are corrcect, that part works but then adding them to the aad-adgroupmember does not does the job. It runs but for all users it gives a result: migrate: false.

So the script is not faulty but i am giving the wrong input or something like that?

The goal is to assign ad users autmatically a office E license based on security group in AD, then when a user leaves the company or is new it will be automatically assigned that license..

 

The script:

$msolUsers= Get-MsolUser -All |
Where-Object {$($_.licenses).accountskuid -eq 'company:STANDARDPACK'}
ForEach ($user in $msolUsers) {
try {
$ADUser= Get-ADUser-filter {UserPrincipalName -eq
$user.UserPrincipalName}-ErrorAction stop
Add-ADGroupMember-Identity O365-E1 -Members $ADUser-ErrorAction stop

[PSCustomObject]@{
UserPrincipalName = $user.UserPrincipalName
Migrate = $true
}
}
catch {
[PSCustomObject]@{
UserPrincipalName = $user.UserPrincipalName
Migrate = $false
}
}
}

1 Reply
best response confirmed by Surfer10 (Contributor)
Solution

@Surfer10 

 

The parameter Members accepts string array (comma separated values) or string text. Can you try the below line?

 

Add-ADGroupMember-Identity O365-E1 -Members $ADUser.UserPrincipalName