Add an option to bypass service plan dependency check when assigning license to group
The Azure portal does not allow assignment of an add-on license to a user group unless a base license with prerequisite service plans is also assigned to the group. Example: Audio Conferencing can only be assigned to a group if (e.g.) Office 365 E3 with the Microsoft Teams service plan enabled is added to the group at the same time.
The problem is that most of our customers have a mix of Office licenses. In order to avoid service plan conflicts and unnecessary license usage, we would need to create a group for each possible combination of the addon and the relevant base products for each customer. In contrast, a one-to-one relationship between license and group would make the license assignment matrix cleaner and much easier to understand and maintain.
Microsoft's rationale is to ensure that prerequisites for the add-on products are met, but this check is really performed at the wrong stage of the assignment process.
In the current scenario, service plan dependencies are evaluated when the license is assigned to the group, while all other problems preventing the intended assignment (service plan conflicts, insufficient licensing, uniqueness violations, etc) are detected at the stage of actually assigning the license to each individual user.
In our example case, most users already have some flavor of Office product assigned. Hence, the prerequisite will most likely be fulfilled on the user level, regardless of which product the required service plan comes from. In the rare cases where the prerequisite is not met, the error will be reported and handled manually just like we need to do in the case of a service plan conflict (which is conceptually quite similar).
An "IgnoreDependencies" option would allow us to make a conscious decision to take responsibility for assigning licenses and service plans correctly, while maintaining a clean one-to-one relationship between product and licensing group.
Please consider this when support for adding licenses to groups is implemented in Powershell!
This is something we are considering, but there is no timeline now. If it matters to you, keep voting to help us prioritize.
Ryan P commented
Agreed. Example scenario
Today, I would need 6 separate groups for the following:
O365 E3 + AudioConferencing
O365 E3 + AudioConferencing + PhoneSystem
O365 E3 + EMS E3
O365 E3 + EMS E3 + Audio Conferencing
O365 E3 + EMS E3 + AudioConferencing + PhoneSystem
Istead, I'd rather 'stack' groups properly, so I'd only need 4 groups:
1) O365 E3
2) O365 EMS E3
3) O365 AudioConferencing
Then, I can just assign a user to 1 or more groups.
Erlend Moen commented
I completely agree with this suggestion. However - I would like to add another option as well. We have - as the proposer has - several different Office-groups with several different plans activated. Our concern is that new services are added automatically and activated by default. We have a rather strict security policy in our company that requires new services to go through a risk assessement before we can start to use them. Our wish is that Microsoft also would add an organization option to set all new services as deactivated by default.
“This is something we are considering, but there is no timeline now. If it matters to you, keep voting to help us prioritize.”