0 votes

Hey Everyone,

I have a few questions about how others are handling the removal of Office 365 licenses for users who have left the organization. I went and set something up that made sense for our environment a few months ago and it was working for a while...but has become inconsistent. Below I'll try to summarize below what I've setup:

  1. When we receive a future notification of someone leaving, we end date the account for that day.
  2. I have a scheduled task configured for 6 PM everyday to check our OU where our users reside. It grabs these expired users and disables them and moves them to a separate "Disabled Users" OU. It also adds them to a few AD Security Groups I've created for future cleanup efforts (Remove E1 add E3, Check Litigation Hold, Remove E3 License)
  3. I then have a three tasks configured that run over night looking in that Disabled Users OU for users who are members of those groups and perform tasks on each. I have it setup so it won't touch these newly moved/disabled users for 14 days.
  4. So the disabled account sits in the Disabled Users OU for 13 days and nothing happens to it...then on the 14th day I:

a. Check to see if it has an E1 license( we only have a few of these) and if so change it to E3. Confirmed with Microsoft that this is OK. Must have E3 for Litigation hold configuration options
b. Check to see if it's on any litigation hold (Used a script you guys helped create), and if it's not, configure it for a 365 day hold.
c. Remove the E3 License.

I have each of those 3 scheduled tasks running an hour apart from each other. I ran into problems trying to do multiple things with licenses in one pass. I'm now running into an issue with the Office Tenant. When Adaxes attempts to perform these tasks it errors out (about 50% of the time) and says "There are no Office 365 Tenants associated with the user".

With me disabling this account and letting it sit for 13 days....is there something running that would remove the tenant from that user? It must be occurring within Office 365....maybe? I'll likely shorten that window but it's nice because we often receive a ticket a few days after an account is disabled that says "hey, re-enable this user they are still working here, etc".

Help! Thanks!!

by (490 points)

Hello Ben,

To help us troubleshooting the issue, could you answer the following questions:

  1. How many Office 365 tenants do you have?
  2. Over which parts of your Active Directory are they assigned? What are their Active Directory scopes?

Also, could you post screenshots of the involved Custom Commands, Scheduled Tasks and Business Rules? If you want, you can contact us using our support email address (support[at]adaxes.com).


Support, thanks for the reply on this. I wanted to report back that after I corrected what OUs my Tenant have access over (I didn't have it configured over the new OU I created) the problem was resolved. Thanks for the help!

Please log in or register to answer this question.

Related questions

0 votes
1 answer

Hi, I try to make a report for our SAM to show all users with a specific license. But I fail to even find anything. I tried, among many ... .DirectorySearcher.AppendFilter("(adm-O365AccountLicenses=POWER_BI_STANDARD)") But I get nothing. Please advice.

asked May 20 by KristofferJ (20 points)
0 votes
1 answer

We need to capture the Office365 (if any) on the user account before we disable. These are accounts taht are temps or contractors that we disabled and re enable for ... Example of group name is Office-E3-EXO and we want to capture it to CustomAttributeText31

asked Aug 4, 2020 by willy-wally (3.2k points)
0 votes
1 answer

I'm trying to retrive the Microsoft 365 License product name in a report as the 'Office 365 License' attribute in Adaxes shows each individual licensed product e.g. ... 365 F3"} } $productnames = $productnames -join ", " $Context.Value = $productnames

asked Jul 27, 2020 by richarddewis (220 points)
0 votes
1 answer

When attempting to add an O365 license to an AD account via the Adaxes admin console, I noticed that it is missing some license types (e.g. Azure AD Premium P1). In ... Is there a way to configure Adaxes to pull all available license types from O365? Thanks!

asked Oct 22, 2019 by EricB (70 points)
0 votes
1 answer

I am wondering what the expected behavior is, and what troubleshooting can be done, for this issue: We have a few tenants listed under Cloud Services > Office 365 We ... know, but they don't have access to force the license update themselves. Thanks, Jason

asked Jan 9, 2019 by Jasonmh (540 points)
2,527 questions
2,272 answers
513,097 users