Forum Discussion
List all users' last login date
Is it possible, using PowerShell, to list all AAD users' last login date (no matter how they logged in)? I have found a couple of scripts that check the last mailbox login, but that is not what we ne...
or Get-AzureADAuditSignInLogs (AzureADPreview) or Search-UnifiedAuditLog
I personally prefer Joshua's solution. Just make a connection to AzureAD with Connect-AzureAD using the preview version of the module, then run a query using the objectid or upn as follows. The "-Top 1" gives you the most recent login.
# upn
Get-AzureADAuditSignInLogs -Filter "UserPrincipalName eq '$userPrincipalName'" -Top 1 | Select -ExpandProperty CreatedDateTime
# objectid
Get-AzureADAuditSignInLogs -Filter "UserId eq '$objectId'" -Top 1 | Select -ExpandProperty CreatedDateTime
# upn
Get-AzureADAuditSignInLogs -Filter "UserPrincipalName eq '$userPrincipalName'" -Top 1 | Select -ExpandProperty CreatedDateTime
# objectid
Get-AzureADAuditSignInLogs -Filter "UserId eq '$objectId'" -Top 1 | Select -ExpandProperty CreatedDateTime
- Thanks 🙂 The only catch here is that *I believe* it will provide you the last login for 90 days unlike the graph api which is a static value. I'm also hearing that some tenants are having throttling issues with with this cmdlet... I'm going to start moving my scripts to graph as the azure module will be deprecated soon anyway. (June 2022)