This article describes how to create a report about group-based licensing assignments and any errors that might have occurred. The code uses the Microsoft Graph PowerShell SDK to fetch information about the groups used for licensing assignments, interpret the assignments, find users with assignment errors, and send email to inform administrators about what's been found.
Moving Group-Based Licensing to the Microsoft 365 Admin Center can create some challenges. Luckily there is a way to avoid this. In this blog, we explain how to execute Group-Based License swaps with the help of the Microsoft Graph PowerShell SDK.
Group-based licensing is a simple way to automate the distribution of licenses to members of security groups. In this article, we review how the mechanism works and show how to automate operations with PowerShell. Finally, we update the tenant licensing report to include group-based licensing and to highlight duplicate license assignments.
The audit events generated for license assignments to user accounts available in the Azure AD audit log and Office 365 audit log are inconsistent and incomplete. This is certainly true for licenses assigned to accounts through auto-claim policies and group-based licensing, but known gaps exist in the audit records generated in other areas of Office 365 and Microsoft 365 functionality. We think Microsoft needs to pay attention to ensure that auditing works consistently and predictably across all workloads. Once they improve the fit and finish of audit record generation, they can move into other areas, like charging for access to high-value audit events.
