Forum Discussion
JakobRohde
Sep 22, 2017 | Iron Contributor
List all users' last login date
Is it possible, using PowerShell, to list all AAD users' last login date (no matter how they logged in)? I have found a couple of scripts that check the last mailbox login, but that is not what we ne...
VasilMichev
Sep 23, 2017 | MVP
No. Use the report in the O365 admin center -> Reports -> Usage -> Active users.
Joshua Bines
Apr 21, 2020 | Iron Contributor
or Get-AzureADAuditSignInLogs (AzureADPreview) or Search-UnifiedAuditLog
- NeedsCoffee | Jan 08, 2021 | Copper Contributor
I personally prefer Joshua's solution. Just make a connection to AzureAD with Connect-AzureAD using the preview version of the module, then run a query using the objectid or upn as follows. The "-Top 1" gives you the most recent login.
# upn
Get-AzureADAuditSignInLogs -Filter "UserPrincipalName eq '$userPrincipalName'" -Top 1 | Select -ExpandProperty CreatedDateTime
# objectid
Get-AzureADAuditSignInLogs -Filter "UserId eq '$objectId'" -Top 1 | Select -ExpandProperty CreatedDateTime
- Joshua Bines | Dec 29, 2021 | Iron Contributor
Thanks 🙂 The only catch here is that *I believe* it will provide you the last login for 90 days unlike the graph api which is a static value. I'm also hearing that some tenants are having throttling issues with this cmdlet... I'm going to start moving my scripts to graph as the azure module will be deprecated soon anyway. (June 2022)
- Thijs Lecomte | Apr 21, 2020 | Bronze Contributor
This is now available natively through the Graph API: https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-beta&tabs=http#example-5-list-the-last-sign-in-time-of-users-in-a-specific-time-range
- Robert Bollinger | May 01, 2020 | Brass Contributor
This doesn't seem to work for me. When I try using it I either get this error:
"error": {
"code": "Authentication_RequestFromUnsupportedUserRole",
"message": "User is not in the allowed roles",
"innerError": {
"request-id": "0119ef60-c3bb-40c1-8f58-7f201bf6d8da",
"date": "2020-05-01T21:46:51"
}
I checked, and I am global admin and part of the security reader groups.
Or the command does work, but the results are returned with no logon dates. Have you had any luck getting it to work recently?
Thanks,
Robert
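
The Graph approach linked in the thread, as an added example that is not part of any post above: it pages through the beta `/users` endpoint, reads `signInActivity.lastSignInDateTime` for every user, backs off on HTTP 429 throttling, and reports accounts that have no recorded sign-in. `Get-LastSignInReport` is a hypothetical helper name, and the example assumes `$AccessToken` is a Graph bearer token obtained elsewhere with the `AuditLog.Read.All` and `User.Read.All` permissions consented.

```powershell
# Added example; Get-LastSignInReport is a hypothetical helper name.
# Assumption: $AccessToken is a Microsoft Graph bearer token obtained elsewhere,
# with AuditLog.Read.All and User.Read.All consented.
function Get-LastSignInReport {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $AccessToken,
        [int] $MaxRetries = 5
    )
    $headers = @{ Authorization = "Bearer $AccessToken" }
    # Single quotes stop PowerShell from expanding $select as a variable.
    $uri = 'https://graph.microsoft.com/beta/users?$select=displayName,userPrincipalName,signInActivity'
    $now = (Get-Date).ToUniversalTime()

    while ($uri) {
        $page = $null
        for ($attempt = 1; -not $page; $attempt++) {
            try {
                $page = Invoke-RestMethod -Method Get -Uri $uri -Headers $headers -ErrorAction Stop
            } catch {
                # Retry only on throttling (429); rethrow anything else, e.g. role errors.
                $status = [int]$_.Exception.Response.StatusCode
                if ($status -ne 429 -or $attempt -ge $MaxRetries) { throw }
                Start-Sleep -Seconds ([math]::Pow(2, $attempt))
            }
        }
        foreach ($user in $page.value) {
            # signInActivity is null for accounts with no recorded sign-in.
            $raw = $user.signInActivity.lastSignInDateTime
            $lastUtc = if ($raw) { ([datetime]$raw).ToUniversalTime() } else { $null }
            [pscustomobject]@{
                DisplayName       = $user.displayName
                UserPrincipalName = $user.userPrincipalName
                LastSignInUtc     = $lastUtc
                DaysSinceSignIn   = if ($lastUtc) { [int]($now - $lastUtc).TotalDays } else { $null }
                NoRecordedSignIn  = -not $lastUtc
            }
        }
        # Follow server-side paging until Graph stops returning a next link.
        $uri = $page.'@odata.nextLink'
    }
}

# Usage: oldest sign-ins first, written to CSV for review.
# Get-LastSignInReport -AccessToken $token |
#     Sort-Object LastSignInUtc | Export-Csv .\last-signin.csv -NoTypeInformation
```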