我正在尝试查找已分配了特定许可证类型的所有用户。 我基本上试图将我的Azure模块v1命令转换为Azure模块v2命令。如何获得与Azure module v1命令相同的结果?Azure Active Directory V2 PowerShell - 查找所有许可的Office 365用户
天青V1:
$OutputFile = "C:\Export\O365LicensedADEnabledUsers.csv"
$T1 = @()
$O365Users = Get-MsolUser -All
ForEach ($O365User in $O365Users)
{
$ADuser = Get-ADUser -Filter { UserPrincipalName -eq $O365User.UserPrincipalName } -Properties whenCreated, Department, Company, Enabled
If (($ADUser.Enabled -eq $true) -and ($O365User.isLicensed -eq $true))
{
$T1 += New-Object psobject -Property @{
CollectDate = $(Get-Date);
ADUserUPN = $($ADUser.UserPrincipalName);
O365UserUPN = $($O365User.UserPrincipalName);
ADUserCreated = $($ADUser.whenCreated);
ADUserDepartment = $($ADUser.Department);
ADUserCompany = $($ADUser.Company);
ADUserEnabled = $($ADUser.Enabled);
O365Licensed = $($O365User.isLicensed)
}
}
}
$T1 = $T1 | Sort-Object -Property ADUserCreated
$T1 | Format-Table
$T1 | Export-Csv -Path $OutputFile -NoTypeInformation
Write-Host "Output to $OutputFile"
天青V2:
AFAIK,存在天青AD V2的powershell没有isLicensed属性。我找到AssignedLicenses属性而不是这个。但我不确定。
$OutputFile = "C:\Export\O365LicensedADEnabledUsers.csv"
$T1 = @()
$O365Users = Get-AzureADUser -All $true
ForEach ($O365User in $O365Users)
{
$ADuser = Get-ADUser -Filter { UserPrincipalName -eq $O365User.UserPrincipalName } -Properties whenCreated, Department, Company, Enabled
If (($ADUser.Enabled -eq $true) -and ($O365User.AssignedLicenses -ne $null))
{
$T1 += New-Object psobject -Property @{
CollectDate = $(Get-Date);
ADUserUPN = $($ADUser.UserPrincipalName);
O365UserUPN = $($O365User.UserPrincipalName);
ADUserCreated = $($ADUser.whenCreated);
ADUserDepartment = $($ADUser.Department);
ADUserCompany = $($ADUser.Company);
ADUserEnabled = $($ADUser.Enabled);
O365Licensed = $($O365User.AssignedLicenses)
}
}
}
$T1 = $T1 | Sort-Object -Property ADUserCreated
$T1 | Format-Table
$T1 | Export-Csv -Path $OutputFile -NoTypeInformation
Write-Host "Output to $OutputFile"
你可能意味着在第二个,而不是'GET-ADUser'使用'GET-AzureAdUser'。看起来AssignedLicenses属性永远不会为空,所以你的检查不起作用。我猜你必须检查它是否包含你认为有效的SKU。 [用户实体文档](https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#user-entity),[AssignedLicense文档]( https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/entity-and-complex-type-reference#assignedlicense-type) – juunas
您可以将订阅的租户的SKU与' GET-AzureAdSubscribedSku'。然后以某种方式找出其中哪些对您的用例有效,然后检查用户是否有其中一个。 – juunas
感谢您的回答。你能给我样本脚本吗? – Arbelac