Summary: Using PowerShell to identify users who are Synchronized to AzureAD but not yet licensed
Hey, Doctor Scripto!
I’d love to be able to identify users Synchronized to AzureAD that haven’t yet had their licenses assigned. Help a friend out?
No problem at all! You can target that information with two parameters in the Get-Msoluser Cmdlet!
Get-MsolUser -UnlicensedUsersOnly -Synchronized
PowerShell, Doctor Scripto, PowerTip, AzureAD
Probably need to pipe this into some filters for it to be useable. Otherwise your results could include users that are supposed to be unlicensed (like those with an Exchange mailbox of type SHARED).
What would be really cool to have is a report of this filtered to show accounts created within the past 30 days that are not tied to type SHARED Exchange mailboxes. Then you could proactively license any users missed before the 30-day “timebomb” goes off and they call the help desk saying they can’t log in…
An excellent point, sounds like an idea for another Blog post!
The title doesn’t match the content. Getting unlicensed users is easy. Getting users with licenses is hard.
Good catch on that typo in the title. For the licensing the previously posted series Reporting on Microsoft 365 Licensing with PowerShell would be better suited.