[PowerShell] 无需全局管理员权限查看 Office365 组织内的订阅属性(订阅日期,许可证,全局管理员状态等)

纸扎戏偶

此工具用于查询Office365订阅(许可证)状态。
无需管理员权限即可查看Office365组织内的订阅属性以及全局管理员的状态。
比如: 验证该Office365组织的全局管理员账户是否翻车(被禁止登陆)/是否存在.

使用方法:
下载:Office365.ps1
http://piaoyun.online/Office365
代码如下:

[CmdletBinding()]
Param([String]$u, [String]$p, [String]$l)
<#
  # Details Office365 SKU by Powershell 
  #                  Author: MoeClub.org
  
  Name       : SKU
  -------------------------------------
  E3_MSDN    : DEVELOPERPACK
  A1_Student : STANDARDWOFFPACK_STUDENT
  A1_Faculty : STANDARDWOFFPACK_FACULTY
  A1P_Student :STANDARDWOFFPACK_IW_STUDENT
  A1P_Faculty :STANDARDWOFFPACK_IW_FACULTY

#>
# Allow script: "Set-ExecutionPolicy -ExecutionPolicy Bypass -Force"

$CommandList = (Get-Command -All)
If (-Not ("Connect-MsolService" -in $CommandList.Name)) { Write-Host "`nInstall..."; Install-Module -Scope CurrentUser -Name MSOnline -Force }
If ([String]::IsNullOrEmpty($($u).Trim())) { 
  Do { $User = (Read-Host "Microsoft Office365 UserName") } While ([String]::IsNullOrEmpty($($User).Trim())) 
} Else {
  $User = $u
}
If ([String]::IsNullOrEmpty($($p).Trim())) { 
  Do { $Passwd = (Read-Host "Microsoft Office365 Password") } While ([String]::IsNullOrEmpty($($Passwd).Trim()))
} Else {
  $Passwd = $p
}
$SecureString = ConvertTo-SecureString -AsPlainText "${Passwd}" -Force
$MySecureCreds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList ${User},${SecureString}
Write-Host "`nLogin: ${User}"
Connect-MsolService -Credential $MySecureCreds 2>&1>$null
If (-Not $?) { Write-Host "Error: Authentication."; Exit 1; }
$UserRole = (Get-MsolUserRole -UserPrincipalName "${User}").Name
$UserDetails = (Get-MsolUser -UserPrincipalName "${User}")
$UserSKU_Full = (Get-MsolAccountSku)
$UserORG = ($UserSKU_Full.AccountSkuId -Split ":")[0]
If ([String]::IsNullOrEmpty($UserORG)) { Write-Host "Error: Office365 Name." }
$UserSKU = $UserSKU_Full.AccountSkuId
If ([String]::IsNullOrEmpty($UserRole)) { $UserRole = "User" }
Write-Host "User Role: ${UserRole}"
$AdminGuid = (Get-MsolRole -RoleName "Company Administrator").ObjectId.Guid
If (-not ([String]::IsNullOrEmpty($($AdminGuid).Trim()))) {
  Function QueryAdmin($AdminUser){
    If (-not ([String]::IsNullOrEmpty($AdminUser))) {
      $AdminBlock = (Get-MsolUser -UserPrincipalName "${AdminUser}").BlockCredential
      If ("$AdminBlock" -eq "False") { $AdminStatus = "[Enable]" } Else { $AdminStatus = "[Disable]" }
      Return -Join("$AdminStatus", "$AdminUser", "; ")
    }
  }
  $AdminList = (Get-MsolRoleMember -RoleObjectId $AdminGuid).EmailAddress
  If (-not ([String]::IsNullOrEmpty($($AdminList)))) {
    $AdminRole = ""
    If ($AdminList -is [String]) {
      $AdminRole = (QueryAdmin $AdminList)
    } ElseIf ($AdminList -is [Array]) {
      For($i=0; $i -lt $AdminList.Count;$i++){
        $AdminRole += (QueryAdmin $AdminList[$i])
      }
    }
  } Else {
    $AdminRole = "[Null]"
  }
  If (-not ([String]::IsNullOrEmpty($($AdminRole)))) {
    Write-Host "Admin User: ${AdminRole}"
  }
}
$UserDomain = (Get-MsolDomain)
$UserDomain_Item = ""
For($i=0; $i -lt $UserDomain.Count; $i++) {
  $Domain_Name = $UserDomain[$i].Name
  $Domain_Default = $UserDomain[$i].IsDefault
  If ($Domain_Default -eq $True){
    $Domain_Status = "Default"
  } Else {
    $Domain_Status = $UserDomain[$i].Status
  }
  $UserDomain_Item += -Join("[", "${Domain_Status}", "]", "${Domain_Name}", "; ")
}
Write-Host "Office365 Domain: ${UserDomain_Item}"
If (-not ([String]::IsNullOrEmpty($($l).Trim()))) {
  If ("$l" -eq "_"){ Exit 0 }
  If (-Join("$UserORG", ":", "$l") -in $UserSKU) {
    $QueryItem = $l
  } Else {
    $l = ""
  }
}
If ([String]::IsNullOrEmpty($($l).Trim())) {
  $QueryItem = ""
  If ($UserSKU -is [Array]){
    If ($UserSKU.Count -gt 0) {
      $SKUITEM = ""
      For($i=0; $i -lt $UserSKU.Count; $i++){ $SKUITEM += -Join(($UserSKU[$i] -Split ":")[1], "; ") }
      Write-Host "Office365 SKU: ${SKUITEM}"
      Do { $QueryItem = (Read-Host "Query Office365 SKU") } While (-not (-Join("$UserORG", ":", "$QueryItem") -in $UserSKU))
      Write-Host "`n"
    } Else {
      Write-Host "Error: Not found subscription."; Exit 1
    }
  } Else {
    $QueryItem = ($UserSKU -Split ":")[1]
  }
}
$skuDetails = ($UserSKU_Full | where {$_.AccountSkuId -eq -Join("$UserORG", ":", "$QueryItem")})
$SubscriptionId = ($skuDetails.SubscriptionIds.Guid)
If ([String]::IsNullOrEmpty($SubscriptionId)) { Write-Host "Error: Subscription."; Exit 1 }
Function QueryStatus($SubscriptionId){
  $SubscriptionDetails = (Get-MsolSubscription -SubscriptionId $SubscriptionId)
  $SubscriptionDate = ($SubscriptionDetails.DateCreated -Split " ")[0]
  $SubscriptionStatus = "$($SubscriptionDetails.Status)"
  Write-Host "TotalUnits: $($SubscriptionDetails.TotalLicenses)"
  If ("$($SubscriptionDetails.IsTrial)" -eq "False") {
    Write-Host "SubscriptionStatus: ${SubscriptionStatus}"
  } Else {
    Write-Host "SubscriptionStatus: [Trial] ${SubscriptionStatus}"
  }
  Write-Host "SubscriptionDate: ${SubscriptionDate}"
  Write-Host "SubscriptionId: ${SubscriptionId}"
  If ("$SubscriptionStatus" -eq "Enabled") { Return 0 } Else { Return 1 }
}
$SkuPartNumber = "$($skuDetails.SkuPartNumber)"
Write-Host "SkuName: ${SkuPartNumber}"
Write-Host "ActiveUnits: $($skuDetails.ActiveUnits)"
Write-Host "ConsumedUnits: $($skuDetails.ConsumedUnits)"
If ($SubscriptionId -Is [String]) {
  $ReturnCode = (QueryStatus $SubscriptionId)
} ElseIf ($SubscriptionId -Is [Array]) {
  For($i=0;$i -lt $SubscriptionId.Count;$i++){
    Write-Host "Item: ${SkuPartNumber}[$($i+1)]"
    $ReturnList += (QueryStatus $SubscriptionId[$i])
  }
  If (1 -in $ReturnList){ $ReturnCode = 1 } Else { $ReturnCode = 0 }
}
If ("$ReturnCode" -eq "0") { Exit 0 } Else { Exit 1 }

运行方式有两种:

1、在命令提示符中交互式运行:

# 在Office365.ps1所在文件夹中按住Shift并点击鼠标右键选择"在此处打开命令窗口".
powershell .\Office365.ps1

2、在命令提示符中带参数运行(参数可选):

# 在Office365.ps1所在文件夹中按住Shift并点击鼠标右键选择"在此处打开命令窗口".
# 当""项指定值为"_"时,则不查询SKU状态.
powershell .\Office365.ps1 -u  -p  -l 

3、在PowerShell中运行:

# 打开PowerShell主程序,切换至Office365.ps1所在目录.
# 执行脚本(带参数或不带参数).
.\Office365.ps1
.\Office365.ps1 -u  -p  -l 

4、无法运行/运行报错:

# 以管理员身份运行命令提示符,输入powershell并按回车,然后执行下面命令.
# 第一次运行将自动下载所需组件,请耐心等待.
# 直接打开运行会造成视觉上的闪退效果,请打开命令提示符或者Powershell主程序运行.
# 飘云在Win10上测试, 无任何异常.如果出现表达式错误,请升级您的Powershell版本.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Force
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope CurrentUser -Force

使用说明:

当SKU类型数量等于1时,默认选择唯一的SKU名称.
当SKU类型数量大于1时,在给出的列表中选择一项输入SKU名称.
在命令提示符中鼠标右键为复制/粘贴.
一些常见的SKU名称:

#  Name       : SKU
-------------------------------------
#  E3_MSDN    : DEVELOPERPACK
#  A1_Student : STANDARDWOFFPACK_STUDENT
#  A1_Faculty : STANDARDWOFFPACK_FACULTY
#  A1P_Student :STANDARDWOFFPACK_IW_STUDENT
#  A1P_Faculty :STANDARDWOFFPACK_IW_FACULTY

示例:

如果显示信息不完整,则是全局管理员关闭了Azure AD访问权限.

Login: admin@piaoyuncc.onmicrosoft.com
User Role: User    # 此用户在组织内的角色. User: 普通用户; Company Administrator: 全局管理员
Admin User: [Disable]admin@piaoyuncc.onmicrosoft.com;    # 全局管理员状态列表. [Disable]表示该全局管理员目前不可以登录. [Enable]表示该全局管理员目前可以登录. [Null]表示该组织目前无全局管理员.
Office365 SKU: DEVELOPERPACK; STANDARDWOFFPACK_STUDENT; STANDARDWOFFPACK_FACULTY; STANDARDWOFFPACK_IW_FACULTY; STANDARDWOFFPACK_IW_STUDENT;   # 组织内可用的SKU列表

Query Office365 SKU: STANDARDWOFFPACK_IW_STUDENT    # 输入要查询的SKU名称

SkuName: STANDARDWOFFPACK_IW_STUDENT    # 显示SKU名称
ActiveUnits: 1000000    # 显示SKU可用许可证数量
ConsumedUnits: 1    # 显示SKU已分配许可证数量
TotalUnits: 1000000    # 显示SKU总共许可证数量
SubscriptionStatus: Enabled    # 显示许可证状态. 如果是Enabled状态,则订阅正常. 如果含有[Trial]标记,则表示为试用类型订阅.
SubscriptionDate: 10/17/2015    # 订阅创建日期. 如果调整过许可证数量,则显示为最近调整的日期.
SubscriptionId: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx    # 订阅唯一ID.

文章版权声明:除非注明,否则均为我爱教程术原创文章,转载或复制请以超链接形式并注明出处。