Adaxes

Deprovision user remove Azure and M365 roles

0 votes

Hello All, is is possible via Adaxes deprovisioning to remove all his Azure and M365 roles besides custom Powershell script?

Regards Ivaylo

by (100 points)
0

@ivaylo.valkov

This should be possible but only if you use groups to manage your role and license assignments. Otherwise you will need to use custom Powershell.

In Azure AD, you can have groups assigned to role assignments or licenses. Then during a deprovision use Adaxes to remove the user from the group, and thus removed from the role or license assignment.

by (320 points)
+1

This is what I though so I changed the roles assignment from direct to group based.

Thank you!

by (100 points)

1 Answer

0 votes
by (288k points)
selected by
Best answer

Hello Ivaylo,

Unfortunately, there is no such possibility. That is something you can only do using a script. The following article by Microsoft should be helpful: https://learn.microsoft.com/en-us/powershell/module/azuread/remove-azureaddirectoryrolemember?view=azureadps-2.0.

Related questions

0 votes
1 answer
As part of offboarding users I need to keep a note of all AD/Entra groups, Azure / M365 roles and licenses

As part of offboarding a user I need to generate a report of all AD groups, Entra groups and all Azure / M365 roles and licenses the user has before they ... about keeping a record of the leavers configured profile to simplify cloning them onto new starters.

asked Jun 24 by dhardyuk (20 points)
0 votes
1 answer
Deprovision users only disables the user and nothing more.

I have Deprovision set to the following It half works. It will only disable the users and thats it. It wont move them to a disabled users OU, reset the PW or change the ... are empty". I don't know what is wrong or why it isnt working as intended.

asked Nov 28, 2022 by LEGIT1 (150 points)
0 votes
1 answer
How to I delegate Send As permission and Full Access permission to a defined user during Deprovision?

Using the built in 'Deprovision' Custom Command, I would like the person that is trying to Deprovision a user (Help Desk member) be asked who (from a list of existing active ... to leave the question 'blank', which means that no one gets access to the mailbox.

asked Apr 22, 2020 by RayBilyk (240 points)
0 votes
1 answer
Remove all user from group and add new ones from TXT

Hi Guys, I'm trying to clean all users from Local Group test_group, and next new bunch of users form TXT fiel, by executing the following script as a scheduled task Import-Module ... .txt I have only 600 users. Do you have any idea how to improve this script?

asked Feb 27, 2015 by axmaster (510 points)
0 votes
1 answer
Scheduled task disable user if inactive on AD and Azure

I want to create a scheduled task to disable a user if he is inactive for 30days, the task must check inacivity o AD and Azure.

asked May 16 by johanpr (120 points)
3,541 questions
3,232 answers
8,225 comments
547,804 users