Scripting

PowerTip: Identify Synchronized AzureAD accounts without a License assigned

Doctor Scripto

August 14th, 20194 0

Summary: Using PowerShell to identify users who are Synchronized to AzureAD but not yet licensed

Hey, Doctor Scripto!

I’d love to be able to identify users Synchronized to AzureAD that haven’t yet had their licenses assigned. Help a friend out?

No problem at all! You can target that information with two parameters in the Get-Msoluser Cmdlet!

Get-MsolUser -UnlicensedUsersOnly -Synchronized

PowerShell, Doctor Scripto, PowerTip, AzureAD

Doctor Scripto Scripter, PowerShell, vbScript, BAT, CMD

4 comments

Comments are closed. Login to edit/delete your existing comments

Jamie Booth August 14, 2019 3:56 pm 0

The title doesn’t match the content. Getting unlicensed users is easy. Getting users with licenses is hard.
- Sean Kearney August 16, 2019 2:22 am 0
  
  Good catch on that typo in the title. For the licensing the previously posted series Reporting on Microsoft 365 Licensing with PowerShell would be better suited.
Matt Cross August 15, 2019 1:49 pm 0

Probably need to pipe this into some filters for it to be useable. Otherwise your results could include users that are supposed to be unlicensed (like those with an Exchange mailbox of type SHARED).
What would be really cool to have is a report of this filtered to show accounts created within the past 30 days that are not tied to type SHARED Exchange mailboxes. Then you could proactively license any users missed before the 30-day “timebomb” goes off and they call the help desk saying they can’t log in…
- Sean Kearney August 16, 2019 2:22 am 0
  
  An excellent point, sounds like an idea for another Blog post!

Feedback