cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

add ad users to a ad security group input from msol accountskuid

Surfer10
Copper Contributor

‎Apr 09 2021 01:19 AM

‎Apr 09 2021 01:19 AM

add ad users to a ad security group input from msol accountskuid

I am trying this command to first geet the users in Azure who have a standardpack license and then add tthos users to a on-premise AD security group. The users which are retrieved from Azure are corrcect, that part works but then adding them to the aad-adgroupmember does not does the job. It runs but for all users it gives a result: migrate: false.

So the script is not faulty but i am giving the wrong input or something like that?

The goal is to assign ad users autmatically a office E license based on security group in AD, then when a user leaves the company or is new it will be automatically assigned that license..

 

The script:

$msolUsers= Get-MsolUser -All |
Where-Object {$($_.licenses).accountskuid -eq 'company:STANDARDPACK'}
ForEach ($user in $msolUsers) {
try {
$ADUser= Get-ADUser-filter {UserPrincipalName -eq
$user.UserPrincipalName}-ErrorAction stop
Add-ADGroupMember-Identity O365-E1 -Members $ADUser-ErrorAction stop

[PSCustomObject]@{
UserPrincipalName = $user.UserPrincipalName
Migrate = $true
}
}
catch {
[PSCustomObject]@{
UserPrincipalName = $user.UserPrincipalName
Migrate = $false
}
}
}

Labels:
497 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by Surfer10 (Copper Contributor)
Kevin Morgan

‎Apr 12 2021 10:48 PM

‎Apr 12 2021 10:48 PM

Solution

Re: add ad users to a ad security group input from msol accountskuid

@Surfer10 

 

The parameter Members accepts string array (comma separated values) or string text. Can you try the below line?

 

Add-ADGroupMember-Identity O365-E1 -Members $ADUser.UserPrincipalName

 

0 Likes
Reply