O365 admin is funny. There are a lot of things that you do a certain way if you came from an on-premises environment, and you don't think about them (like disabling a user). Well, you have now moved into a hybrid environment and, hopefully soon, an all-cloud environment. You need to reclaim O365 licenses.
Why do you need to start thinking about licensing when you disable or delete a user? If you don't, the license stays assigned to the deleted user and you will need to reclaim O365 licenses from deleted users. After a while it might get expensive. Recycle the licenses as much as you can! Here I will show you how to quickly do this in a cloud environment and what steps you need to do differently in a hybrid environment.
How to Reclaim O365 Licenses From Deleted Users in a Cloud Environment
This can be done very easily using PowerShell. A disabled user in a strictly cloud environment is deleted. You can go into the admin panel of O365 (now it's called Entra??) and go into "Deleted Users". Pick the user with the license you want to recover and click "Restore User". From there you can uncheck the license and then delete the user again... or you can use PowerShell if you need to reclaim more licenses.
Using PowerShell
Here is a great script that will help you with what I mentioned above especially if you have several users to go through (This is similar to the one I wrote on MFA):
# Connects to your Office 365 tenant
#Connect-MsolService
# MAIN
# Collect the deleted users that are still licensed, then save the list to CSV.
# (Export-Csv returns nothing, so it must not be the last stage of the assignment.)
$delUsers = Get-MsolUser -ReturnDeletedUsers | Select-Object UserPrincipalName,IsLicensed | Where-Object {$_.IsLicensed -eq $true}
$delUsers | Export-Csv C:\Temp\IsLisc.csv
$delUsers | ForEach-Object {
    $UPN = $_.UserPrincipalName
    # Restore the user so its licenses can be changed
    Restore-MsolUser -UserPrincipalName $UPN
    (Get-MsolUser -UserPrincipalName $UPN).Licenses.AccountSkuId |
    ForEach-Object {
        $License = $_
        echo "Removing license: $License"
        Set-MsolUserLicense -UserPrincipalName $UPN -RemoveLicenses $License -ErrorAction SilentlyContinue
    }
    # Delete the user again now that the licenses are released
    Remove-MsolUser -UserPrincipalName $UPN -Force
}
# Showing the list again for verification
Write-Host "Show list of deleted users so you can verify that there are no outstanding licenses. List should all be false"
$delUsers = Get-MsolUser -ReturnDeletedUsers | Select-Object UserPrincipalName,IsLicensed | Where-Object {$_.IsLicensed -eq $false}
return $delUsers
In a nutshell, this script connects to the MSOL service and writes all deleted users who are still licensed to a CSV file (located in C:\Temp; you can change this to whatever folder you want). It then restores each user in the list, removes all the licenses attributed to it and deletes it again.
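An audit-first variant of the script above, added here as an example and not part of the original post: it blocks sign-in while each account is temporarily restored, stops on errors instead of silencing them, and records which licenses were reclaimed per user. It assumes Connect-MsolService has already been run; the output path and variable names are made up for illustration.

```powershell
# Added example. Uses the same MSOnline cmdlets as the post (Microsoft has
# deprecated that module in favour of Microsoft Graph PowerShell).
$auditCsv = 'C:\Temp\ReclaimedLicenses.csv'   # hypothetical output path
$results  = New-Object System.Collections.Generic.List[object]

$licensed = Get-MsolUser -ReturnDeletedUsers -All | Where-Object { $_.IsLicensed }

foreach ($user in $licensed) {
    $upn      = $user.UserPrincipalName
    $skus     = @()
    $status   = 'OK'
    $restored = $false
    try {
        Restore-MsolUser -UserPrincipalName $upn -ErrorAction Stop
        $restored = $true
        # A restored account is live again; block sign-in for the whole window
        Set-MsolUser -UserPrincipalName $upn -BlockCredential $true -ErrorAction Stop
        $skus = @((Get-MsolUser -UserPrincipalName $upn).Licenses.AccountSkuId)
        foreach ($sku in $skus) {
            Set-MsolUserLicense -UserPrincipalName $upn -RemoveLicenses $sku -ErrorAction Stop
        }
    }
    catch {
        $status = "FAILED: $($_.Exception.Message)"
    }
    if ($restored) {
        try {
            # Delete again even if license removal failed, so nothing stays restored
            Remove-MsolUser -UserPrincipalName $upn -Force -ErrorAction Stop
        }
        catch {
            $status = "RESTORED BUT NOT RE-DELETED: $($_.Exception.Message)"
        }
    }
    $results.Add([pscustomobject]@{
        UserPrincipalName = $upn
        LicensesFound     = $skus -join ';'
        Status            = $status
        ProcessedUtc      = (Get-Date).ToUniversalTime().ToString('s')
    })
}

# One row per user: what was reclaimed and whether anything needs follow-up
$results | Export-Csv -Path $auditCsv -NoTypeInformation
$results | Where-Object { $_.Status -ne 'OK' }
```

Any row the last line prints needs manual follow-up, in particular a "RESTORED BUT NOT RE-DELETED" status, which means an account is still restored in the tenant.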
It is a little different in a hybrid situation.
How to Reclaim O365 Licenses From Deleted Users in a Hybrid Environment
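You will need to go into AD, find all the disabled users and re-enable them. Then either wait for an AD sync or perform a sync with Start-ADSyncSyncCycle -PolicyType Delta on a domain controller. Then rerun the script minus the lines about deleting the users:
# Connects to your Office 365 tenant
#Connect-MsolService
# MAIN
# Collect the deleted users that are still licensed, then save the list to CSV
$delUsers = Get-MsolUser -ReturnDeletedUsers | Select-Object UserPrincipalName,IsLicensed | Where-Object {$_.IsLicensed -eq $true}
$delUsers | Export-Csv C:\Temp\IsLisc.csv
$delUsers | ForEach-Object {
    $UPN = $_.UserPrincipalName
    Restore-MsolUser -UserPrincipalName $UPN
    # Same license-removal loop as the cloud script, without the delete step
    (Get-MsolUser -UserPrincipalName $UPN).Licenses.AccountSkuId |
    ForEach-Object {
        $License = $_
        echo "Removing license: $License"
        Set-MsolUserLicense -UserPrincipalName $UPN -RemoveLicenses $License -ErrorAction SilentlyContinue
    }
}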
Go back to AD and disable the users again. That should do it.
Happy IT’ing
Dan