12 votesJason Pociask shared this idea ·
89 votesJason Pociask supported this idea ·Jason Pociask commented
We have several hundred thousand users, will thousands added and deleted in some months, and our on-premise AD allows duplicated proxyAddresses values. We have a script to clean them up when a user with a duplicated value flows through Azure AD Connect, but then after the script clears the duplicated proxyAddresses value, and the Export succeeds, their dyn group license is in a failure state.
So we have to routinely manually visit the Azure Portal to open each affected group, access the list of affected users and click "Reprocess" on each user to get their dynamic group based licenses to apply (this is NOT "reprocess the group", just reprocess that user to allow their licenses to be applied.
Why can't Azure have a batch job that just runs through the dynamic groups with "License assignment errors" once each evening and simulate that "reprocess" click? Or can we have a Powershell cmdlet and script that can walk and reprocess those few affected users?