Forum Discussion
Deleted
Dec 21, 2021Deactivate Inactive Guest Users last 3 months
Hi,
I am looking for a quick and easy solution for deactivating all guest users in Azure AD that has not logged in to their account the last 3 months.
Appreciate all answers!
Br,
- Take a look at this article by Tony: https://petri.com/guest-account-obsolete-activity
If you are looking for UI-based approach, try Access reviews: https://docs.microsoft.com/en-us/azure/active-directory/governance/manage-guest-access-with-access-reviews- DeletedHi and thanks for the reply!
Just a question, I know abot the access review functionality, but have not discovered yet how that can be used for this purpose. What configuration in that review can be used to automatically deactivate a guest account based on last sign in date?- It's not fully automatic, but you can use the "No sign-in within 30 days" setting to "suggest" to reviewers that such guests can be removed. Combine it with the appropriate action, and it's almost automated.
This was all too complex for me, here's a simpler solution...
Get a csv with the UPNs of the accounts you want to disable
$Guests = Import-Csv .\Guests.csv
ForEach ($Guest in $Guests) { $params = @{accountEnabled = $false} ; Update-MgUser -UserId $guest.upn -BodyParameter $params }