Entra ID Licensing Automation Microsoft 365 Teams Phone

Create a Dynamic Azure AD Group with all Teams Phone Standard Licensed Users

When it comes to Azure AD and licensing, we usually use Azure AD Groups to assign certain licenses to group members. It’s an effective way…

When it comes to Azure AD and licensing, we usually use Azure AD Groups to assign certain licenses to group members. It’s an effective way to assign different licenses to different teams within your organization. For example, you could have a group which assigns a Microsoft 365 E5 license to all the IT-Staff.

Is there a need to do the opposite? Add all users who have a specific service plan assigned to an Azure AD group? Although this scenario might not be as common as the first one, there’s certainly a use case for it.

Think about a Teams call queue in a small to mid-sized firm which distributes incoming calls to, let’s say 5–10 call agents. If none of these agents are able to answer the call within a certain time, the call is then escalated to a second call queue which contains all the company’s Teams Phone Standard enabled users. A call queue can have up to two hundred call agents, if they’re added via a Teams Channel or a group.

Instead of adding all phone enabled users manually we can create an Azure AD group which uses a dynamic query to include all users which have the service plan “MCOEV” assigned.

Here’s how to do it

First, head over to portal.azure.com and go to Azure AD, Groups. Then click New group.

You can choose between a Microsoft 365 Group or a Security Group. For the Membership type, choose Dynamic User and then Add dynamic query.

Click the Edit button on Rule syntax.

Now enter the following query and click OK.

USER.ASSIGNEDPLANS -ANY (ASSIGNEDPLAN.SERVICEPLANID -EQ “4828c8ec-dc2e-4779-b502-87ac9ce28ab7” -AND ASSIGNEDPLAN.CAPABILITYSTATUS -EQ “ENABLED”)

The Id we are querying is the Id for the service plan “MCOEV” which can be seen here. Since we’re looking for the service plan Id, it doesn’t matter if the license is assigned to a user via the Teams Phone Standard add-on, E5 or even Common Area Phone SKU. With the second part of the query (-AND) we’re also making sure, that we’re only including users where the service plan is actually enabled.

Click Save.

And finally, click Create.

It will take a while until all the members have been added. We can check if our rule works by clicking on Dynamic membership rules and navigating to Validate Rules (preview). Let’s add some users and check if they meet the criteria.

By clicking View details we can examine the query and see exactly why a user will be included or not.

Here’s an example of a user where the service plan is assigned and also enabled.

The user Bill has a Teams Phone Standard License but won’t be added to the group because the service plan is disabled.

Now you can use this group to assign it to a call queue. Whenever you license newly created users for the service plan MCOEV, the agent list of the call queue will automatically be updated. From my experience it can take some time until the agent lists of call queues are updated if you’re using group or channel assignments. I will write another article on how to force an agent list sync for call queues which use group assignments. So stay tuned!

Licensed under CC BY-NC-SA 4.0
comments powered by Disqus
© 2022 - 2024 HEUSSER.PRO
Hosted on GitHub Pages
Built with Hugo
Theme Stack designed by Jimmy