Forum Discussion
Solved
Combine both : Get-MgBetaUser and Get-MgBetaReportAuthenticationMethodUserRegistrationDetail
Hi Guys I want to pull all user login details in Entra together ith MFA details for each user using the two modules to end up with an array for extracting a report like below. Kindly assist in joining data from the two modules, thank you.
$mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Identity $user | Select-Object UserDisplayName,UserPrincipalName, UserType,IsAdmin,DefaultMfaMethod,IsMfaRegistered,IsMfaCapable,IsPasswordlessCapable, MethodsRegistered
$userData = @()
foreach ($user in $entraIdUsers) {
$entraIdUsers = Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled
$userData += [PSCustomObject]@{
"Id" = $user.Id
"DisplayName" = $user.DisplayName
"UPN" = $user.UserPrincipalName
"CreatedDate" = $user.CreatedDateTime
"AccountEnabled" = $user.AccountEnabled
"LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime
"LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime
"LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime
"UserType" = $mfaData.UserType
"IsAdmin" = $mfaData.IsAdmin
"IsMfaRegistered" = $mfaData.IsMfaRegistered
"IsMfaCapable" = $mfaData.IsMfaCapable
"IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable
"DefaultMfaMethod" = $mfaData.DefaultMfaMethod
"UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
"Methods registered" = $mfaData.MethodsRegistered -join ", "
}
}
Edwin_Oroko I changed the script a bit, the order was not correct, and made it a bit more compact
$userData = foreach ($user in Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled) { $mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Filter "userPrincipalName eq '$($user.userPrincipalName)'" | Select-Object UserDisplayName, UserPrincipalName, UserType, IsAdmin, DefaultMfaMethod, IsMfaRegistered, IsMfaCapable, IsPasswordlessCapable, MethodsRegistered [PSCustomObject]@{ "Id" = $user.Id "DisplayName" = $user.DisplayName "UPN" = $user.UserPrincipalName "CreatedDate" = $user.CreatedDateTime "AccountEnabled" = $user.AccountEnabled "LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime "LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime "LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime "UserType" = $mfaData.UserType "IsAdmin" = $mfaData.IsAdmin "IsMfaRegistered" = $mfaData.IsMfaRegistered "IsMfaCapable" = $mfaData.IsMfaCapable "IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable "DefaultMfaMethod" = $mfaData.DefaultMfaMethod "UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication "Methods registered" = $mfaData.MethodsRegistered -join ", " } } $userData
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If one of the posts was helpful in other ways, please consider giving it a Like.
1 Reply
Edwin_Oroko I changed the script a bit, the order was not correct, and made it a bit more compact
$userData = foreach ($user in Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled) { $mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Filter "userPrincipalName eq '$($user.userPrincipalName)'" | Select-Object UserDisplayName, UserPrincipalName, UserType, IsAdmin, DefaultMfaMethod, IsMfaRegistered, IsMfaCapable, IsPasswordlessCapable, MethodsRegistered [PSCustomObject]@{ "Id" = $user.Id "DisplayName" = $user.DisplayName "UPN" = $user.UserPrincipalName "CreatedDate" = $user.CreatedDateTime "AccountEnabled" = $user.AccountEnabled "LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime "LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime "LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime "UserType" = $mfaData.UserType "IsAdmin" = $mfaData.IsAdmin "IsMfaRegistered" = $mfaData.IsMfaRegistered "IsMfaCapable" = $mfaData.IsMfaCapable "IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable "DefaultMfaMethod" = $mfaData.DefaultMfaMethod "UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication "Methods registered" = $mfaData.MethodsRegistered -join ", " } } $userData
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If one of the posts was helpful in other ways, please consider giving it a Like.