Author Posts

March 23, 2017 at 2:08 am

I need to be able to create a local AD account and then assign a o365 license to it. Right now we use ADManager to create the accounts which does both but I need to be able to do this in powershell.
I am pretty sure I can use new-aduser to create the local account then use set-MSOLUser to assign the license.

Is my assumption correct that set-MSOLUser will not create a local AD account, right?
If I do it the new-aduser and set-MSOLUser way I think I have to wait like 30 minutes for the 2 to sync up.

I was hoping for an easier way but this may be it and figured I would verify that here.

Thanks,
Scott

March 23, 2017 at 12:24 pm

I'm pretty sure that's the case, but it'd be cool if you could try it out and report back, so others will know as well!

March 23, 2017 at 3:00 pm

Are you using Azure Active Directory to sync your local AD to O365? We're using that. You should be able to, on the box that has the AAD installed on it to do the syncing, perform a manual sync in the Windows Azure Active Directory Module for PoSH using

Initiate Delta Sync

Start-ADSyncSyncCycle -PolicyType Delta

OR

Initiate Full Sync

Start-ADSyncSyncCycle -PolicyType Initial

That will mean you won't have to wait 30 minutes for the sync to take place, run that command an only wait like 5 minutes instead. Then use Set-MSOLUser to set their O365 license. 🙂

March 23, 2017 at 3:52 pm

Thanks for the help. We do not run any of those machines so I would not be able to run anything manually, unfortunately. All of that is run by the higher ups so I don't think they would want me running the sync manually 🙂

Looking over everything with the Set-msoluser cmdlet, it does not look like it will create the local AD account so I think my above method is the only option. AdManager does all of it together and right away but I am not sure how.

Thanks to everyone who replied back 🙂