| Description | Link |
| Summary | Link |
| Pre-Requisites | Link |
| Breakdown | Link |
| Credits | Link |
This script utilizes Azure Automation Runbooks and Graph API to detect mailboxes without licenses and license them. The script has built in failure detection to identify licensing issues. All processed mailboxes (successful or failed) are logged into a Power BI dataset which can be used to create a report (click here for more info).
Before we can configure the script to run via Azure Automation Runbook we need to register an application with Azure AD to pull and set settings via Graph API.
- Sign into the Azure Portal
- Navigate to Azure Active Directory > App Registration using the navigation blade.
- Click New registration.
- Provide a Name and click Register.
- After the application is created navigate to Manage > API permissions.
- Click Add a permission > Microsoft Graph.
- Select Application permissions at the next prompt.
- Check User > User.ReadWrite.All and MailboxSettings > MailboxSettings.Read and click Add permissions
- The API permissions list should look like this now.
- Click Grant admin consent for... and complete the authentication and consent dialog.
- The API permissions list should look like this now.
- Navigate to Manage > Certificates & secrets.
- Click New client secret, enter a Description, select how long the secret is valid (Expires), click Add.
- Copy the secret Value as it will only appear this once.
- Navigate to Overview copy the Appliation (client) ID
- Store the information you have copied you will need it when setting up the script.
