I need to be able to create a local AD account and then assign a o365 license to it. Right now we use ADManager to create the accounts which does both but I need to be able to do this in powershell.
I am pretty sure I can use new-aduser to create the local account then use set-MSOLUser to assign the license.
Is my assumption correct that set-MSOLUser will not create a local AD account, right?
If I do it the new-aduser and set-MSOLUser way I think I have to wait like 30 minutes for the 2 to sync up.
I was hoping for an easier way but this may be it and figured I would verify that here.
Are you using Azure Active Directory to sync your local AD to O365? We’re using that. You should be able to, on the box that has the AAD installed on it to do the syncing, perform a manual sync in the Windows Azure Active Directory Module for PoSH using
Initiate Delta Sync
Start-ADSyncSyncCycle -PolicyType Delta
OR
Initiate Full Sync
Start-ADSyncSyncCycle -PolicyType Initial
That will mean you won’t have to wait 30 minutes for the sync to take place, run that command an only wait like 5 minutes instead. Then use Set-MSOLUser to set their O365 license.
Thanks for the help. We do not run any of those machines so I would not be able to run anything manually, unfortunately. All of that is run by the higher ups so I don’t think they would want me running the sync manually
Looking over everything with the Set-msoluser cmdlet, it does not look like it will create the local AD account so I think my above method is the only option. AdManager does all of it together and right away but I am not sure how.