Forum Discussion

JakobRohde's avatar
JakobRohde
Iron Contributor
Sep 22, 2017

List all users' last login date

Is it possible, using PowerShell, to list all AAD users' last login date (no matter how they logged in)? I have found a couple of scripts that check the last mailbox login, but that is not what we ne...
Azure Active Directory (AAD)
Staniko's avatar
Staniko
Copper Contributor
Jul 29, 2021

JakobRohde this is a classic Microsoft 365 housekeeping task and question. A pity Microsoft is not offering something out of the box.

 

I would suggest following Powershell script, which returns not only your users last login date as CSV file, but also assigned licenses. This way you may check whether there is someone not logging in and consuming licenses.

 

 

 

Install-Module AzureADPreview -AllowClobber -Force

Connect-AzureAD

$usersexport = [system.collections.arraylist]@()

Get-AzureADUser | % {
    $User = $_
    $UPN = $User.UserPrincipalName
    
    Write-Output "Start analysing $UPN"

    $LoginTime = Get-AzureAdAuditSigninLogs -top 1 -filter "userprincipalname eq '$UPN'" | select CreatedDateTime
    $Licenses = Get-AzureADUserLicenseDetail -ObjectId $User.ObjectId | % { $_.ServicePlans | Where {$_.AppliesTo -eq "User"}} | select -ExpandProperty ServicePlanName
    
    $Export = [pscustomobject]@{
        'DisplayName' = $User.DisplayName; 
        'UserPrincipalName' = $UPN;
        'LastSignInDate' = $LoginTime.CreatedDateTime;
        'Licenses' = $Licenses -join ",";
    }
    
    $usersexport.Add($Export)
    
    Write-Output $Export
}
$usersexport | Export-CSV $Home\LastLogonDate.csv

 

 

 

Dia_2's avatar
Dia_2
Copper Contributor
Apr 25, 2022
This is great! how would you set the script to run aganst a specific dynamic cloud security group?

Resources