Forum Discussion
Guest Users governance - stale guest users
The "best practice" will vary greatly from one organization to the other, as some are very "open" in regards to guest users, other must allow their partners and customers, while organizations in certain industries will never even enable such a feature. Microsoft's own tool to manage guest user lifecycle is called Access Reviews (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-azure-ad-controls-manage-guest-access-with-access-reviews), but unfortunately the license requirements are very prohibitive for any organization not already invested in AAD Premium P2.
PowerShell and the Graph API give you all the tools you need in order to manage Guest users, so you can build your custom solution around it, if the above is too costly.
Does anyone have a Power Shell script that would provide a list of stale guest accounts with the last log in date for users who don't have a mailbox? External users who have been granted access to sites or documents in classic SharePoint sites and modern Team and Communication sites don't have mailboxes.
- Now you do... 🙂 https://github.com/JBines/Remove-StaleGuests
- Hi.
I want to remove inactive users for 14 days And export to csv.
I write:
Remove-StaleGuests.ps1 -InactiveTimeSpan 14 -ExportCSVPath guest.csv -RemoveInactiveGuests:$true
But then happens nothing.. all users are still exist.
For pending users it works:
Remove-StaleGuests.ps1 -InactiveTimeSpan 14 -ExportCSVPath guest.csv -RemoveExpiredGuests:$true
But for removing inactive doesn't. How does it work??- If you could please add an issue in github and then we can triage the issue.
the only way I've seen to check user activity is to go to the sign in logs.
Aside from that nothing
