Dynamic security group with all users with any plan (all licensed users)

Brase, Daniel 321 Reputation points
2021-11-24T08:37:40.987+00:00

Hi guys,

I'm trying to create a dynamic security group with only licensed users. I've already found this and some other examples to get this working. To test around I started with this filter:

(user.accountEnabled -eq True) and (user.assignedplans -any (assignedplan.serviceplanid -eq "3e26ee1f-8a5f-4d52-aee2-b81ce45c8f40"))  


This works generally, but I want a rule with any plan and not a specific one. So I tried this one:

(user.accountEnabled -eq True) and (user.assignedplans -all (assignedplan.serviceplanid -ne null))  

But that doesn't work in my case:


This is also working but I want it vice versa:

(user.accountEnabled -eq True) and (user.assignedplans -any (assignedplan.serviceplanid -eq null))


Maybe someone has a hint.

Thanks, Daniel.

Microsoft Entra ID

Accepted answer
  1. Brase, Daniel 321 Reputation points
    2021-11-24T08:43:04.46+00:00

    Ok, I was able to manage it on my own. I got it working with the not operator:

    (user.accountEnabled -eq True) and not (user.assignedplans -all (assignedplan.serviceplanid -eq null))  
    


    I would have expected that if I use the -eq operator and have a result, the operator -ne switches the result. Anyway, maybe this helps someone else.

    4 people found this answer helpful.

1 additional answer

  1. Jason E. Eaby 5 Reputation points
    2023-05-24T14:14:58.9433333+00:00

    So, I managed to get it working without a "not" by changing the "-all" operator to "-any" and using an "-ne".

    Like this:

    (user.accountEnabled -eq true) and (user.assignedPlans -any (assignedPlan.servicePlanID -ne null))

    Hope this helps someone.

    1 person found this answer helpful.
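
Whichever rule from this thread is used, the resulting membership can be checked against the directory's own license data. The script below is an added example, not code from any poster in the thread; it assumes the Microsoft.Graph PowerShell module is installed, that `$GroupId` (a placeholder) is replaced with the dynamic group's object ID, and that "licensed" means at least one entry in `assignedLicenses`.

```powershell
# Added example: audit a dynamic "all licensed users" group for drift.
# Placeholder: replace with the object ID of the dynamic group under test.
$GroupId = '00000000-0000-0000-0000-000000000000'

Connect-MgGraph -Scopes 'User.Read.All', 'GroupMember.Read.All'

# Pull only the properties the comparison needs.
$props = 'id,userPrincipalName,accountEnabled,assignedLicenses,assignedPlans'
$users = Get-MgUser -All -Property $props

# Current members of the group, as a set of object IDs for fast lookup.
$memberIds = [System.Collections.Generic.HashSet[string]]::new()
Get-MgGroupMember -GroupId $GroupId -All |
    ForEach-Object { [void]$memberIds.Add($_.Id) }

$drift = foreach ($u in $users) {
    # Assumption: a user counts as licensed when assignedLicenses is non-empty.
    $hasLicense = @($u.AssignedLicenses).Count -gt 0
    # assignedPlans is what the membership rule inspects; report it separately
    # so users with plan entries but no license (or the reverse) stand out.
    $hasPlan    = @($u.AssignedPlans).Count -gt 0

    $expected = [bool]($u.AccountEnabled -and $hasLicense)
    $isMember = $memberIds.Contains($u.Id)

    if ($expected -ne $isMember) {
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            AccountEnabled    = $u.AccountEnabled
            HasLicense        = $hasLicense
            HasPlanEntries    = $hasPlan
            IsMember          = $isMember
            Finding           = if ($isMember) { 'Unexpected member' }
                                else { 'Missing member' }
        }
    }
}

if ($drift) {
    $drift | Sort-Object Finding, UserPrincipalName | Format-Table -AutoSize
} else {
    Write-Output 'Group membership matches enabled, licensed users.'
}
```

Dynamic membership is evaluated asynchronously, so run the check after the group's processing status shows the update has completed.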