Forum Discussion

fstorer's avatar
fstorer
Brass Contributor
Aug 13, 2022

Find all the AzureADUsers created after a certain date via PowerShell Graph

Hello everyone,

As Microsoft will eventually retire the AzureAD and MSOL PowerShell modules (March 2023?), I am trying to update all the PowerShell scripts based on those modules with new ones based on Microsoft Graph API calls and PowerShell Graph SDK. 

I am struggling with a script which should find all the AzureAD members created after 1 July 2022 inside a specific Security Group. The script should generate a list of these "new starters" and retrieve the following information: DisplayName, UPN, ID, Email, JobTitle.

 

This is what I got so far:

[datetime]$Date = (Get-Date).adddays(-60)
$Users = Get-MgGroupMember -GroupId xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -All
$Users.Count
$UsersCreatedDate = $Users.ForEach{
    Get-MgUser -UserId $_.Id | Select-Object -Property Id, UserPrincipalName, JobTitle, CreatedDateTime
}

Getting all the users takes some time (we have around 400 members in that Security group), I am not sure if there is a quicker way to get those information.

Then I tried to filter that list using the "where-object"

$UsersCreatedDate | Where-Object {($_.CreatedDateTime -gt '$Date')}
but to no avail. I am always getting the error
Could not compare "06/20/2017 09:00:00" to "$DateTime". Error: "Cannot convert value "$DateTime" to type "System.DateTime". Error: "String was not recognized as a valid DateTime.""
What am I doing wrong?

Any help would be much appreciated! 

Many thanks in advance

 

Francesco

  • fstorer 

    Why the quote around the $Date ??

    remove them and you are good.

    $UsersCreatedDate | Where-Object {($_.CreatedDateTime -gt $Date)}

    Also don't forget to include the all the required property in the Get-MgUser

     

    Get-MgUser -UserId $_.Id -Property CreatedDateTime,JobTitle,UserPrincipalName,id

  • farismalaeb's avatar
    farismalaeb
    Steel Contributor

    fstorer 

    Why the quote around the $Date ??

    remove them and you are good.

    $UsersCreatedDate | Where-Object {($_.CreatedDateTime -gt $Date)}

    Also don't forget to include the all the required property in the Get-MgUser

     

    Get-MgUser -UserId $_.Id -Property CreatedDateTime,JobTitle,UserPrincipalName,id

    • fstorer's avatar
      fstorer
      Brass Contributor
      Thanks for pointing out that mistake! All works fine now and I was able to get my list!
      • LainRobertson's avatar
        LainRobertson
        Silver Contributor

        fstorer 

         

        You can leverage server-side filtering for this purpose rather than less-efficient client-side filtering.

         

        The one thing to be wary of is that the supplied date needs to be in ISO 8601 format, which isn't clear from much of the docs.microsoft.com documentation (where the examples are plain wrong.)

         

        This basic example searches shows how to find users created within the past year.

         

        Get-MgUser -Filter "CreatedDateTime ge $([datetime]::UtcNow.AddYears(-1).ToString("s"))Z" | ft -AutoSize Id, UserPrincipalName, CreatedDateTime

         

         

        Cheers,

        Lain

Resources