MSOL Admin Function

ncrooks · June 25, 2018, 10:36pm

For anyone with extra time:

How should I go about error handling/prevention for the User already being a member of the target groups?

function set-365admin {

  [CmdletBinding()]
  param
  (
    [Parameter(Mandatory=$false,
    HelpMessage='Do you want to use Default Settings, if you do not specify its set to true?')]
      [bool] $default = $true,
      [Parameter(Mandatory=$false,
    HelpMessage='Do you want to use Default Settings, if you do not specify its set to true?')]
      [string] $user = (read-host "Type a user display name like 'Sue Somebody'"),
    [Parameter(Mandatory=$True,
    HelpMessage="This will open the Technet Article describing all available roles, set to false by default use '-web:`$`true' to trigger page")]
      [bool] $web = $false,
    [Parameter(Mandatory=$false,
    HelpMessage="Adds read access on all O365 Users and adds Admin access to EAC")]
      [string] $roleName="Exchange Service Administrator",
      [Parameter(Mandatory=$false,
    HelpMessage="Adds Support Link to Create Service Tickets Direct with MS or Dell as Applicable")]
      [string] $roleName2="Service Support Administrator",
      [Parameter()]
          $oldverbose = $VerbosePreference,
       [Parameter()]
          $VerbosePreference = "continue",
      [Parameter(Mandatory=$false,
      HelpMessage="Use this to reviwe the available admin roles, pipe it out to gridview or just call it")]
      $roles = (Get-MsolRole | ? {$_.Name -like '*administrator*'} | Select *)

  )
  process {
  $oldverbose = $VerbosePreference
  $VerbosePreference = "continue"
  Write-Verbose "Verbose Set Proceeding"
  start-sleep -Seconds 2
  IF ($web) 
  {start https://docs.microsoft.com/en-us/azure/active-directory/active-directory-assign-admin-roles-azure-portal}
  elseif ($default) {
  write-verbose "Detected Default Config - $default Use CTRL + C to QUIT or Hit Enter to Proceed"

  pause
Add-MsolRoleMember -RoleMemberEmailAddress (Get-MsolUser | Where DisplayName -eq $dispName).UserPrincipalName -RoleName $roleName
    write-verbose "Added Exchange Admin proceeding with Service Support Admin"
Add-MsolRoleMember -RoleMemberEmailAddress (Get-MsolUser | Where DisplayName -eq $dispName).UserPrincipalName -RoleName $roleName2

    Write-Verbose "$user is currently member of the following"
Get-MsolUserRole -UserPrincipalName ((Get-MsolUser | ? {$_.DisplayName -like $user}).UserPrincipalName)

    Write-Verbose "Script is completed, resetting verbose and exiting"
    $VerbosePreference = $oldverbose
    
    Break
  }
  else {
  $oldverbose = $VerbosePreference
  $VerbosePreference = "continue"
  write-verbose "This function is designed to address default adjustments only, please modify user membership manually"
  start-sleep -Seconds 2
  Write-verbose "Triggering the How to Page"
  start https://docs.microsoft.com/en-us/powershell/module/msonline/add-msolrolemember?view=azureadps-1.0

  Write-Verbose "Script is completed, resetting verbose and exiting"
    $VerbosePreference = $oldverbose
    Break
  }
  #End Process
  }
  #End Function
  }

postanote · June 26, 2018, 12:42am

I don’t see where you are trying to look at groups or compare against group list.
Use the MSOL cmdlets to get a list of the users in a given group and use if/then or try catch.
Use the current user and the MSOL cmdlets to check membership, and use the same logic as in the above.

Get-MsolGroup Gets groups from Azure Active Directory. 'docs.microsoft.com/en-us/powershell/module/msonline/get-msolgroup?view=azureadps-1.0'
Get-MsolGroupMember
Retrieves members of the specified group.
‘Get-MsolGroupMember (MSOnline) | Microsoft Learn’

Topic		Replies	Views
Correcting and querying AD group membership PowerShell Help	4	127	May 16, 2024
Check Weather a user is a member of any group PowerShell Help	2	542	May 16, 2024
AD user security group membership PowerShell Help	1	217	May 16, 2024
Group comparison PowerShell Help	17	316	May 16, 2024
Evaluating AD Group Membership PowerShell Help	5	295	May 16, 2024

MSOL Admin Function

Related topics