To correct the syntax error in your dynamic security group rule for Microsoft 365 Business Premium licenses, you need to ensure the correct syntax for filtering based on assigned plans. Here's the corrected rule:
(user.userType -eq "Member" -and (user.assignedPlans -any (assignedPlan.servicePlanId -eq "cbdc14ab-d96c-4c30-b9f4-6ada7cdc1d46" -and assignedPlan.capabilityStatus -eq "Enabled")))
user.userType -eq "Member"
ensures that the user is a regular member (not a guest or admin).
-
user.assignedPlans -any (...)
checks if any of the user's assigned plans match the specified conditions. -
assignedPlan.servicePlanId -eq "cbdc14ab-d96c-4c30-b9f4-6ada7cdc1d46"
filters for the specific service plan ID of Microsoft 365 Business Premium. -
assignedPlan.capabilityStatus -eq "Enabled"
ensures that the assigned plan is enabled.
Make sure to replace "cbdc14ab-d96c-4c30-b9f4-6ada7cdc1d46"
with the correct service plan ID for Microsoft 365 Business Premium if it's different.