Microsoft Office 365 Group Based Licensing

In February Microsoft announced the public preview of Azure AD group based licenses. The caveat it was only available for tenants with Azure AD basic and above not only that the dynamic group feature was available for tenants with Azure AD Premium subscriptions.  That being said once it goes GA it will be available to E3 and equivalent licensed tenants. I am a half full kinda guy!

While working on a large Exchange Migration I decided to test it out. The issue, well I did not have any AD groups that I could honestly rely on for the several type of Office 365 licenses that I was issuing.

Prior to this feature I was populating a custom attribute in AD, cutting over mailboxes and then licensing based on the custom attribute via Power Shell. This method worked but wasn’t as efficient as I would have liked it to be.

The solution was to create the unique groups and add the appropriate users in these groups. I did some searching on the web and came up line below thanks to TechNet.

Get-ADUser -SearchBase ‘OU=Sales,OU=EasternUS,DC=TechKrag,DC=com’ -Filter * | ForEach-Object {Add-ADGroupMember -Identity ‘O365-SalesLicenses’ -Members $_ }

I did this for each license type included the proper restrictions on the O365 License side such as removed Yammer, etc., following the Azure instructions here.

Once AD synced to Azure AD the users were now licensed! Group based licensing not only saved time it makes the future management of licenses and features simple and easy.  If you need to add or remove a product from a group simply make a change in one location and all members of the group will update with the change, etc..

This was a long time coming and some may say perhaps overdue! Either way I am glad its here and we can take advantage of it.

If you are passionate about O365 let your voice be heard by Microsoft visit the user voice page and get to voting or adding suggestions. 

 

For Microsoft Partners Only

Information Technology departments across the globe have started are in the initial stages of moving any one part of their infrastructure services to the cloud. Microsoft has taken the world by storm with Office 365. I must admit at first, like many IT professionals, I was hesitant to move to Office 365.  After learning more about I decided to get O365 certified. This brought a set of challenges, I realized I do not have a test environment! At first it wasn’t much of an issue. I would test things out with trial accounts, not a bad idea 25 users, etc. Not a bad idea but it was getting old quickly!

The solution

My employer was a Microsoft Partner and as a partner there are benefits. One of these not so well known benefits is the Office 365 Demo Site! This site allows the creation of up to 6 tenants. It has changes over time, they use to allow the license category selections and the term for a tenant was 6 months before it was automatically removed. The new terms is 3 months for automatic deletion of tenants and one license scheme. Either way it is a great place to for testing.

Below is a quick guide on how to get started.

Step 1 – Sign In

Visit the Demo Site and sign in.

Microsoft Demos

Microsoft Demo

Step 2 – Create Tenant

Once signed in you will be taken to the dashboard, in Home and under My Demo Environments you will have the option to “Create a New Demo Environment”, click on the + sign.

Microsoft Partner Demo

Step 3 – Chose Tenant type and/or Industry

You will see the options for tenant creations, sometimes there are many options. I think it depends on what Microsoft is pushing for the year. Not long ago it they had all Enterprise Tiers even the E5.

When I took this screen shot I only had the one shown below.

Microsoft Partner Demo

Select the tenant type.

Microsoft Partner Demo

Under Industry you have more options.

Microsoft Partner Demo

Once you select one select finish at this prompt.

Microsoft Partner Demo

Step 4 Take note of you tenant name

After it completes you will be taken to the Dashboard were you will be provided with the tenant domain name, administrator account and password. The tenant domain name is where the green dot is located in the screen shot below.

Microsoft Partner Demo

That is all there is to it. Now you can test, demo, etc with a real live Office 365 Tenant without the need of 30 trials.

Two step process to export a list of installed patches using PowerShell

desk-office-workspace-coworking

Building on the previous post Easy Server Inventory!

Not all businesses can afford expensive patch management solutions. Some organizations may have WSUS but not know how to use it properly or its outdated. Some of you may think SCCM can produce reports. SCCM is great when you have staff that can take advantage of it; for some its not a viable solution, because no one on staff has the skill set, price tag or a combination of time and/or money it takes to send someone to train on SCCM.

Scenario

The auditors, boss, corporate folks, etc. request a list or sample list of servers, they want to see  installed patches on each server with dates. A hefty proposition if you do not have one of these fancy applications that handle all of these things for you! No worries! Below is a quick way to keep things under control and provide the necessary information quickly and effectively.

Step 1

You can either gather a list of all servers in the domain via the AD Users and Computers, PowerShell or any other preferred method. You will use this to populate a txt file that will be used to feed the script.

Below is a script I like to use which can be useful for inventory, etc.

Export all servers to a friendly csv by running the following in PowerShell

Get-ADComputer -Filter {(OperatingSystem -Like "Windows *Server*")-and (Enabled -eq "True")} -Property * | Select Name,OperatingSystem,OperatingSystemServicePack,IPv4Address | export-csv Servers.csv -notypeinformation

*Added the (Enabled -eq "True") to filter only enabled Severs, thanks to the comment posted on Reddit by Master_apprentice .  -Thank you again

Step 2

Populate a file name servers.txt with the requested selection of servers.  Store this file in the same directory as the script below. The script below simply needs to be copied into either the PowerShell ISE or a notepad and saved as a ps1.

$ErrorActionPreference= 'silentlycontinue' # Allows the script to run in case of an error.

$servers = Get-Content -path Servers.txt  # Pulls the servers in question.

# The foreach below run the commands as the commands states for each server in the txt file.

# It then exports them to a useful csv.

foreach ($server in $servers)

{

(Get-Hotfix -ComputerName  $server | sort InstalledOn)| select CSName, Description, HotFixID, InstalledOn, RebootRequired | export-Csv -Path export.csv -append -notypeinformation

}

Once the report runs you will have a CSV with the information needed.

Easy Server Inventory using PowerShell – Minor Update

Easy Inventory with PowerShell

Ever need a quick inventory, well the following script pulls servers directly from AD. It cannot get easier than this. There is no need for fancy software or databases. Once the data is exported you can give it a facelift in excel and turn it in to the C level folks, share it with the team, your boss or perhaps you simply need a copy for yourself.

Export all servers to a friendly csv by running the following in PowerShell:

Get-ADComputer -Filter {(OperatingSystem -Like "Windows *Server*")-and (Enabled -eq "True")} -Property * | Select Name,OperatingSystem,OperatingSystemServicePack,IPv4Address | export-csv Servers.csv -notypeinformation

*Added the (Enabled -eq "True") to filter only enabled Severs, thanks to the comment posted on Reddit by Master_apprentice .  -Thank you again!

It can be saved as a script and set to automatically run as a scheduled task or use the script to feed a dataset somewhere with Power Bi, SQL, Access, etc.