Saturday, August 11, 2018

Assign Office 365 Admin Roles in Bulk via Text File Input

Larger tenants office 365 administrator many a times have to assign one of the office 365 admin Roles in bulk.

I have also been in such a situation and being lazy helps me & community as sharing the code for everyone to use :)

Here are the Office 365 Roles that can be assigned using GUI or MSOL cmdlets.

    "Helpdesk Administrator",

    "Service Support Administrator",

    "Billing Administrator",

    "Partner Tier1 Support",

    "Partner Tier2 Support",

    "Directory Readers",

    "Exchange Service Administrator",

    "Lync Service Administrator",

    "User Account Administrator",

    "Directory Writers",

    "Company Administrator",

    "SharePoint Service Administrator",

    "Device Users",

    "Device Administrators",

    "Device Join",

    "Workplace Device Join",

    "Compliance Administrator",

    "Directory Synchronization Accounts",

    "Device Managers",

    "Application Administrator",

    "Application Developer",

    "Security Reader",

    "Security Administrator",

    "Privileged Role Administrator",

    "Intune Service Administrator",

    "Cloud Application Administrator",

    "Customer LockBox Access Approver",

    "CRM Service Administrator",

    "Power BI Service Administrator",

    "Guest Inviter",

    "Conditional Access Administrator",

    "Reports Reader",

    "Message Center Reader",

    "Information Protection Administrator"

 

Download the script from below link:


https://gallery.technet.microsoft.com/scriptcenter/Assign-Office-365-Role-in-f80904e3

Create a input text file with list of UserPrincipalName to whom you want to assign a designated role.

For example: Security Administrator for members of your organization IT security team.

.\AssignO365Admin.ps1 -Role 'Security Administrator' -filePath C:\AssignO365Admin\Users.txt
text file contains UPN for users:

 

testup1@labtest.com

testup2@labtest.com

testup3@labtest.com

testup4@labtest.com


As Validation Set has been used inside the script so you can just use Tab to browse between the values.

Ones launched it will ask you for office 365 admin credentials and will start applying the selected role as shown in below screen shots.



Note: MSOL is essential component for this script (refer for install : https://syscloudpro.com/2015/04/30/connecting-office-365-via-powershell/ )




<#     
    .NOTES 
    =========================================================================== 
     Created with:     VS Code 
     Created on:       8/10/2018 1:46 PM 
     Created by:       Vikas Sukhija 
     Organization:      
     Filename:         AssignO365Admin.ps1 
    =========================================================================== 
    .DESCRIPTION 
        This will take Input of UPN from tesxt file and assign the o365 admin role 
#>
 
[CmdletBinding()] 
Param
    [Parameter(Mandatory = $True, Position = 1)] 
    [ValidateSet("Helpdesk Administrator"
    "Service Support Administrator"
    "Billing Administrator"
    "Partner Tier1 Support"
    "Partner Tier2 Support"
    "Directory Readers"
    "Exchange Service Administrator"
    "Lync Service Administrator"
    "User Account Administrator"
    "Directory Writers"
    "Company Administrator"
    "SharePoint Service Administrator"
    "Device Users"
    "Device Administrators"
    "Device Join"
    "Workplace Device Join"
    "Compliance Administrator"
    "Directory Synchronization Accounts"
    "Device Managers"
    "Application Administrator"
    "Application Developer"
    "Security Reader"
    "Security Administrator"
    "Privileged Role Administrator"
    "Intune Service Administrator"
    "Cloud Application Administrator"
    "Customer LockBox Access Approver"
    "CRM Service Administrator"
    "Power BI Service Administrator"
    "Guest Inviter"
    "Conditional Access Administrator"
    "Reports Reader"
    "Message Center Reader"
    "Information Protection Administrator")] 
    $Role
 
    [Parameter(Mandatory = $True, Position = 2)] 
    [string]$filePath = $(Read-Host "Enter file path containing UserPrincipalNames"

 
function LaunchMSOL { 
    import-module msonline 
    Write-Host "Enter MS Online Credentials" -ForegroundColor Green 
    Connect-MsolService 

 
Function RemoveMSOL { 
     
    Write-host "Close Powershell Window - No disconnect available" -ForegroundColor yellow 

##########################Start the script####################### 
Try { 
    LaunchMSOL 

catch { 
    $_.exception 
    Write-Host "exception occured loading MSOL" -ForegroundColor Yellow 
    break

 
try { 
    $users = get-content $filePath 
 
    $users | ForEach-Object { 
        $user = $_ 
        Write-host "Apply $Role to $user" -ForegroundColor green 
        Add-MsolRoleMember -RoleMemberEmailAddress $user -RoleName $Role 
    } 

catch { 
    $_.exception 
    Write-Host "exception occured applring o365 role" -ForegroundColor Yellow 

######################################################################





Thanks for downloading

Sukhija Vikas

http://SysCloudPro.com

1 comment: