Forum Discussion

Deleted's avatar
Deleted
Dec 21, 2021

Deactivate Inactive Guest Users last 3 months

Hi,

I am looking for a quick and easy solution for deactivating all guest users in Azure AD that has not logged in to their account the last 3 months. 

 

Appreciate all answers!

Br,

 

    • Deleted's avatar
      Deleted
      Hi and thanks for the reply!
      Just a question, I know abot the access review functionality, but have not discovered yet how that can be used for this purpose. What configuration in that review can be used to automatically deactivate a guest account based on last sign in date?
      • It's not fully automatic, but you can use the "No sign-in within 30 days" setting to "suggest" to reviewers that such guests can be removed. Combine it with the appropriate action, and it's almost automated.
  • This was all too complex for me, here's a simpler solution...

     

    Get a csv with the UPNs of the accounts you want to disable

    $Guests = Import-Csv .\Guests.csv

    ForEach ($Guest in $Guests) { $params = @{accountEnabled = $false} ; Update-MgUser -UserId $guest.upn -BodyParameter $params }

     

Resources