|
| 1 | +function Set-CIPPGroupLicense { |
| 2 | + [CmdletBinding()] |
| 3 | + param ( |
| 4 | + [Parameter(Mandatory = $true)][string]$GroupId, |
| 5 | + [string]$GroupName, |
| 6 | + [array]$AddLicenses = @(), |
| 7 | + [array]$RemoveLicenses = @(), |
| 8 | + [switch]$Replace, |
| 9 | + [Parameter(Mandatory = $true)][string]$TenantFilter, |
| 10 | + $Headers, |
| 11 | + $APIName = 'Set Group License' |
| 12 | + ) |
| 13 | + |
| 14 | + $AddLicenses = @( |
| 15 | + $AddLicenses | |
| 16 | + ForEach-Object { [string]$_ } | |
| 17 | + Where-Object { -not [string]::IsNullOrWhiteSpace($_) } |
| 18 | + ) |
| 19 | + $RemoveLicenses = @( |
| 20 | + $RemoveLicenses | |
| 21 | + ForEach-Object { [string]$_ } | |
| 22 | + Where-Object { -not [string]::IsNullOrWhiteSpace($_) } |
| 23 | + ) |
| 24 | + |
| 25 | + if ( [string]::IsNullOrWhiteSpace($GroupName)) { |
| 26 | + $GroupName = $GroupId |
| 27 | + } |
| 28 | + |
| 29 | + # fetch current assigned licenses, calculate the diff and replace with licenses |
| 30 | + if ($Replace.IsPresent) { |
| 31 | + try { |
| 32 | + $Current = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/groups/$($GroupId)?`$select=assignedLicenses" -tenantid $TenantFilter |
| 33 | + $CurrentSkus = @($Current.assignedLicenses.skuId) |
| 34 | + $RemoveLicenses = @($CurrentSkus | Where-Object { $_ -notin $AddLicenses }) |
| 35 | + $AddLicenses = @($AddLicenses | Where-Object { $_ -notin $CurrentSkus }) |
| 36 | + } catch { |
| 37 | + $ErrorMessage = Get-CippException -Exception $_ |
| 38 | + Write-LogMessage -API $APIName -tenant $TenantFilter -Headers $Headers -message "Failed to fetch current licenses for group $GroupName. Error: $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage |
| 39 | + throw "Failed to fetch current licenses for group $GroupName. Error: $($ErrorMessage.NormalizedError)" |
| 40 | + } |
| 41 | + } |
| 42 | + |
| 43 | + if ($AddLicenses.Count -eq 0 -and $RemoveLicenses.Count -eq 0) { |
| 44 | + return @("No license changes required for group $GroupName.") |
| 45 | + } |
| 46 | + |
| 47 | + $AddLicensesArray = foreach ($SkuId in $AddLicenses) { |
| 48 | + @{ disabledPlans = @(); skuId = $SkuId } |
| 49 | + } |
| 50 | + $LicenseBody = @{ |
| 51 | + addLicenses = @($AddLicensesArray) |
| 52 | + removeLicenses = @($RemoveLicenses) |
| 53 | + } | ConvertTo-Json -Compress -Depth 10 |
| 54 | + |
| 55 | + $Results = [System.Collections.Generic.List[string]]::new() |
| 56 | + try { |
| 57 | + $null = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/groups/$($GroupId)/assignLicense" -tenantid $TenantFilter -body $LicenseBody -type POST |
| 58 | + |
| 59 | + if ($AddLicenses.Count -gt 0) { |
| 60 | + $Message = "Assigned licenses to group $GroupName. Added: $($AddLicenses -join ', ')" |
| 61 | + [void]$Results.Add("$Message. It may take 2-5 minutes for changes to apply to members.") |
| 62 | + Write-LogMessage -API $APIName -tenant $TenantFilter -Headers $Headers -message $Message -Sev Info |
| 63 | + } |
| 64 | + if ($RemoveLicenses.Count -gt 0) { |
| 65 | + $Message = "Removed licenses from group $GroupName. Removed: $($RemoveLicenses -join ', ')" |
| 66 | + [void]$Results.Add("$Message. It may take 2-5 minutes for changes to apply to members.") |
| 67 | + Write-LogMessage -API $APIName -tenant $TenantFilter -Headers $Headers -message $Message -Sev Info |
| 68 | + } |
| 69 | + return $Results |
| 70 | + } catch { |
| 71 | + $ErrorMessage = Get-CippException -Exception $_ |
| 72 | + Write-LogMessage -API $APIName -tenant $TenantFilter -Headers $Headers -message "Failed to update licenses for group $GroupName. Error: $($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage |
| 73 | + throw "Failed to update licenses for group $GroupName. Error: $($ErrorMessage.NormalizedError)" |
| 74 | + } |
| 75 | +} |
0 commit comments