Forum Discussion
Unused Enterprise applications
I inherited an Azure\Entra AD domain with a crazy number of Enterprise applications configured. Some going back 5, 6 or more years.
Practically all of them are configured to not require user assignment so I have no idea of who might be using these, if they are being used at all.
Is there a way to determine the last time any of these were actually used? I want to get rid of anything that doesn't need to be there.
3 Replies
- lfk73 (Brass Contributor)
Get-AzureADAuditSignInLog : The term 'Get-AzureADAuditSignInLog' is not recognized as the name of a cmdlet, function, script file, or operable program
Googled it, tried everything I can find. Still not working.
Try the below PS:
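# Connect to Azure AD (Get-AzureADAuditSignInLogs ships only in the AzureADPreview module)
Import-Module AzureADPreview
Connect-AzureAD
# Set the number of days to check for stale applications
$staleDays = 30
$cutoff = (Get-Date).AddDays(-$staleDays)
# Get the list of enterprise applications
$apps = Get-AzureADServicePrincipal -All $true
# Keep the applications whose most recent sign-in is older than $staleDays days,
# or that have no sign-in in the log at all. The cmdlet has no -ObjectId parameter,
# so the log is filtered on the application's AppId instead.
$staleApps = $apps | Where-Object {
    $last = Get-AzureADAuditSignInLogs -Filter "appId eq '$($_.AppId)'" -Top 1
    (-not $last) -or ([datetime]$last.CreatedDateTime -lt $cutoff)
}
# Display the list of stale applications
$staleApps | Select-Object DisplayName, AppId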
- lfk73 (Brass Contributor)
Tried it and get:
Get-AzureADAuditSignInLogs : The term 'Get-AzureADAuditSignInLogs' is not recognized as the name of a cmdlet, function, script file, or operable program
Googled it, tried everything. Nothing works.
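An added example, not part of any reply in this thread: the same last-use check written so the sign-in log is read once and grouped by AppId, with apps that have no entry in the log reported separately from apps whose newest sign-in is old. `Get-AppLastUse` is a hypothetical helper name and the sample objects are constructed; the commented Microsoft Graph PowerShell calls show where live data would come from.

```powershell
# Live data would come from the Microsoft Graph PowerShell SDK, for example:
#   Connect-MgGraph -Scopes 'Application.Read.All','AuditLog.Read.All','Directory.Read.All'
#   $sps     = Get-MgServicePrincipal -All
#   $signIns = Get-MgAuditLogSignIn -All
function Get-AppLastUse {   # hypothetical helper, not a Microsoft cmdlet
    param(
        [Parameter(Mandatory)] [object[]] $ServicePrincipal,
        [object[]] $SignIn = @(),
        [int] $StaleDays = 30,
        [datetime] $Now = (Get-Date)
    )
    $cutoff = $Now.AddDays(-$StaleDays)
    # One pass over the log: remember the newest sign-in per AppId
    $last = @{}
    foreach ($s in $SignIn) {
        if (-not $s.AppId) { continue }
        $t = [datetime]$s.CreatedDateTime
        if (-not $last.ContainsKey($s.AppId) -or $t -gt $last[$s.AppId]) { $last[$s.AppId] = $t }
    }
    foreach ($sp in $ServicePrincipal) {
        $seen = $last[$sp.AppId]
        # 'NoSignInInLog' only means nothing was found inside the log's retention
        # window; treat it as a candidate for review, not as proof of non-use.
        if ($null -eq $seen)      { $status = 'NoSignInInLog' }
        elseif ($seen -lt $cutoff) { $status = 'Stale' }
        else                       { $status = 'Active' }
        [pscustomobject]@{
            DisplayName = $sp.DisplayName
            AppId       = $sp.AppId
            LastSignIn  = $seen
            Status      = $status
        }
    }
}

# Constructed sample data using the same property names as the Graph cmdlets' output
$now = Get-Date
$sps = @(
    [pscustomobject]@{ DisplayName = 'Sample app A'; AppId = '11111111-1111-1111-1111-111111111111' }
    [pscustomobject]@{ DisplayName = 'Sample app B'; AppId = '22222222-2222-2222-2222-222222222222' }
    [pscustomobject]@{ DisplayName = 'Sample app C'; AppId = '33333333-3333-3333-3333-333333333333' }
)
$signIns = @(
    [pscustomobject]@{ AppId = '11111111-1111-1111-1111-111111111111'; CreatedDateTime = $now.AddDays(-20) }
    [pscustomobject]@{ AppId = '11111111-1111-1111-1111-111111111111'; CreatedDateTime = $now.AddDays(-2) }
    [pscustomobject]@{ AppId = '22222222-2222-2222-2222-222222222222'; CreatedDateTime = $now.AddDays(-45) }
)
Get-AppLastUse -ServicePrincipal $sps -SignIn $signIns -Now $now | Sort-Object Status | Format-Table
```

With the sample data, app A is reported as Active, app B as Stale and app C as NoSignInInLog.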