<# Author: Kulverstukas Website: http://9v.lt Date: 2016-02-01 Last update: 2017-08-18 Description: Lists all mailboxes imported into Office365 which are unlicensed and adds a license to them sets their location and region. All users are filtered by *@domain.lt template and BlockCredential which is True for mailgroups to disable sign-in. Also this script disables clutter for everyone. This script sets the user language and region according to their PreferredLanguage attribute which was set in AD before synchronization to the cloud. After that, we have a somewhat universal way to switch up languages. For all staff this script sets a Lithuanian region and language, only for students it checks for PreferredLanguage. Reference: http://www.codetwo.com/admins-blog/how-to-connect-and-remotely-manage-office-365-with-powershell/ http://www.codetwo.com/admins-blog/how-to-add-and-license-users-in-bulk-on-office-365/ #> Import-Module MSOnline # --------------------- define stuff ---------------------- $user = "user@somecompany.onmicrosoft.com" $passwd = ConvertTo-SecureString "yourpwd" -AsPlainText -Force $licSrv = "staff_license_code" $studLicSrv = "student_license_code_1", "student_license_code_2" $logfile = "c:\enableOffice365Users_log.txt" $printDebug = $True # change to false to supress output to console $today = Get-Date -Format "yyyy-MM-dd HH:mm" # --------------------------------------------------------- <# If we want to assign licenses and set region and timezone in one script, we need to use this function which waits until the mailbox is created to continue. The mailbox is to be created when a license is assigned, but after the license assignment it takes some time for a mailbox to be created. Test-MAPIConnectivity cmdlet tests if the mailbox exists and returns true if it does, false otherwise or if times-out, in which case something else went wrong. #> function waitForMAPI($addr) { $sleepTime = 60 # number of seconds to sleep per loop $maxAttempts = 60 # number of times to loop before giving up: 180 = 3 hours $attempts = 0 do { Start-Sleep -s $sleepTime $testResult = (Test-MapiConnectivity -Identity $addr -ErrorAction "silentlycontinue").Result $attempts++ } while (($testResult -ne "Success") -and ($attempts -lt $maxAttempts)) if ($testResult -eq "Success") { return $true } else { return $false } } # --------------------------------------------------------- # do the login here $creds = New-Object System.Management.Automation.PSCredential $user, $passwd $psSession = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri "https://ps.outlook.com/PowerShell-LiveID?PSVersion=2.0" -Credential $creds -Authentication Basic -AllowRedirection Import-PSSession $psSession -AllowClobber | Out-Null # suppress output pl0x Connect-MsolService –Credential $creds # dem creds doe # =========================================================== # process employees first $found = $false $log = "" $users = Get-MsolUser -All -UnlicensedUsersOnly -Domain "domain.lt" foreach ($user in $users) { if (($user.userPrincipalName -like "*@domain.lt") -and ($user.BlockCredential -eq $false)) { # BlockCredential is true for mailgroups, false for users $found = $true if ($printDebug) { Write-Host "Found employee '$($user.userPrincipalName)', adding license and region (LT; lt-LT)" } $log = $log+"Found employee '$($user.userPrincipalName)', adding license and region (LT; lt-LT)`r`n" Set-MsolUser -UserPrincipalName $user.userPrincipalName -UsageLocation "LT" Set-MsolUserLicense -UserPrincipalName $user.userPrincipalName -AddLicenses $licSrv $res = waitForMAPI($user.userPrincipalName) if ($res -eq $True) { Set-MailboxRegionalConfiguration -Identity $user.UserPrincipalName -TimeZone "FLE Standard Time" -Language "lt-LT" -LocalizeDefaultFolderName Set-Clutter -Identity $user.userPrincipalName -Enable $False | Out-Null Start-Sleep -m 500 } else { if ($printDebug) { Write-Host "Time-out for employee '$($user.userPrincipalName)' to assign region (mailbox was not created in time)" } $log = $log+"Time-out for employee '$($user.userPrincipalName)' to assign region (mailbox was not created in time)`r`n" } } } if ($found) { "----------- $($today) : Employees -----------" | Out-File -FilePath $logfile -Append -Force $log | Out-File -FilePath $logfile -Append -Force } # =========================================================== # now process students if ($printDebug) { Write-Host "Start: $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')" } $found = $false $log = "" $users = Get-MsolUser -All -UnlicensedUsersOnly -Domain "sub.domain.lt" $totalUsers = $users.Count if ($printDebug) { Write-Host "Found $($totalUsers) users..." } $counter = 0 foreach ($user in $users) { if (($user.userPrincipalName -like "*@sub.domain.lt") -and ($user.BlockCredential -eq $false)) { # BlockCredential is true for mailgroups, false for users $found = $true $counter++ $usageLocation = "LT" $preferredLanguage = "lt-LT" if ($user.PreferredLanguage -eq "en-US") { $usageLocation = "US" $preferredLanguage = "en-US" } if ($printDebug) { Write-Host "[$($counter) of $($totalUsers)] Found student '$($user.userPrincipalName)', adding license and region ($($usageLocation); $($preferredLanguage))" } $log = $log+"Found student '$($user.userPrincipalName)', adding license and region ($($usageLocation); $($preferredLanguage))`r`n" Set-MsolUser -UserPrincipalName $user.userPrincipalName -UsageLocation $usageLocation Set-MsolUserLicense -UserPrincipalName $user.userPrincipalName -AddLicenses $studLicSrv $res = waitForMAPI($user.userPrincipalName) if ($res -eq $True) { Set-MailboxRegionalConfiguration -Identity $user.UserPrincipalName -TimeZone "FLE Standard Time" -Language $preferredLanguage -LocalizeDefaultFolderName Set-Clutter -Identity $user.userPrincipalName -Enable $False | Out-Null Start-Sleep -m 500 } else { if ($printDebug) { Write-Host "Time-out for student '$($user.userPrincipalName)' to assign region (mailbox was not created in time)" } $log = $log+"Time-out for student '$($user.userPrincipalName)' to assign region (mailbox was not created in time)`r`n" } } } if ($printDebug) { Write-Host "End: $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')" } if ($found) { "----------- $($today) : Students -----------" | Out-File -FilePath $logfile -Append -Force $log | Out-File -FilePath $logfile -Append -Force }