Forum Discussion
Deactivate Inactive Guest Users last 3 months
Hi, I am looking for a quick and easy solution for deactivating all guest users in Azure AD that has not logged in to their account the last 3 months. Appreciate all answers! Br,
Hi again VasilMichev,
Maybe I found an even better solution to this problem. This command identify and deactivate all inactive users directly from powershell (got it from a John Savill youtube video). The only question now is how to ensure it only disable guest users, not all users. Anyone know?
$DisableUserHash = @{'accountEnabled' = 'false'}
Get-MgUser -Filter "signInActivity/lastSignInDateTime le 2021-09-30T00:00:00Z" |
ForEach-Object {@{ UserId=$_.Id}} | Update-MgUser -Settings $DisableUserHash -WhatIf
Maybe I found an even better solution to this problem. This command identify and deactivate all inactive users directly from powershell (got it from a John Savill youtube video). The only question now is how to ensure it only disable guest users, not all users. Anyone know?
$DisableUserHash = @{'accountEnabled' = 'false'}
Get-MgUser -Filter "signInActivity/lastSignInDateTime le 2021-09-30T00:00:00Z" |
ForEach-Object {@{ UserId=$_.Id}} | Update-MgUser -Settings $DisableUserHash -WhatIf
This cmdlet is basically a "wrapper" for the Graph queries we discussed above. It's pretty much the same thing. Anyway, to filter out Guest users only, simply check the corresponding property in your results.
$users = Get-MgUser -Filter "signInActivity/lastSignInDateTime le 2021-09-30T00:00:00Z"
$users | ? {$_.UserType -eq "Guest"} | ForEach-Object {@{ UserId=$_.Id}} | Update-MgUser -Settings $DisableUserHash -WhatIf
$users = Get-MgUser -Filter "signInActivity/lastSignInDateTime le 2021-09-30T00:00:00Z"
$users | ? {$_.UserType -eq "Guest"} | ForEach-Object {@{ UserId=$_.Id}} | Update-MgUser -Settings $DisableUserHash -WhatIf