SOLVED
Home

How to list users synced from onprem AD and cloud-only users?

%3CLINGO-SUB%20id%3D%22lingo-sub-498883%22%20slang%3D%22en-US%22%3EHow%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-498883%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20guys!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20was%20tasked%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud%20only%20users%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20downloaded%20and%20imported%20AzureAD%20PS%20module%202.0.2.16%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAzure%20portal%20shows%20several%20users%20with%20source%20'Azure%20Active%20Directory'.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20first%20trying%20to%20list%20these%20cloud-only%20users%20by%20running%20a%20command%20command%26nbsp%3B%20Get-AzureADUser%20%7C%20where%20%7B%24_.dirsyncenabled%20-eq%20%24false%7D%20but%20it%20yields%20only%20one%20user%20when%20there%20should%20be%20a%20lot%20more.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20also%20need%20to%20list%20users%20synced%20from%20onprem%20AD.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20command%20does%20not%20seem%20to%20do%20the%20trick.%20Can%20you%20help%20me%20out%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-498883%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-499095%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-499095%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F157949%22%20target%3D%22_blank%22%3E%40Teijo%20H%C3%A4m%C3%A4l%C3%A4inen%3C%2FA%3E%26nbsp%3BI%20would%20try%20following%20Get-MsolUser%20-All%20%7C%20%3F%7B-not%20%24_.lastdirsynctime%7D%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-500360%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-500360%22%20slang%3D%22en-US%22%3E%3CP%3EThere's%20also%26nbsp%3BGet-MsolUser%20-Synchronized.%20Using%20the%20server-side%20filtering%20is%20faster%20approach%2C%20and%20also%20makes%20sure%20you%20don't%20get%20a%20trimmed%20list%20because%20of%20hitting%20the%20limit%20for%20number%20of%20objects%20returned%20(like%20when%20you%20have%20the%20Get-AzureADUser%20cmdlet%20above%2C%20without%20the%20-All%20switch%2C%20and%20filtering%20client-side).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-502494%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-502494%22%20slang%3D%22en-US%22%3E%3CP%3Ethanks%2C%20definitely%20a%20better%20solution.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMartin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-531327%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-531327%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F213505%22%20target%3D%22_blank%22%3E%40Martin%20Rublik%3C%2FA%3EThere%20is%20another%20easier%20option%20to%20use%20it.%20Cloud%20only%20and%20on%20prem%20users%20have%20big%20difference%20-%20Its%20called%20Immutable%20ID%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%26nbsp%3B%3CSPAN%20class%3D%22hljs-pscommand%22%3EGet-MsolUser%3C%2FSPAN%3E%20%7C%20w%3CSPAN%20class%3D%22typ%22%3Ehere%3C%2FSPAN%3E%3CSPAN%20class%3D%22pun%22%3E-%3C%2FSPAN%3E%3CSPAN%20class%3D%22typ%22%3EObject%3C%2FSPAN%3E%20%3CSPAN%20class%3D%22pun%22%3E%7B%3C%2FSPAN%3E%3CSPAN%20class%3D%22pln%22%3E%24_%3C%2FSPAN%3E%3CSPAN%20class%3D%22pun%22%3E.%3C%2FSPAN%3E%3CSPAN%20class%3D%22typ%22%3EImmutableId%3C%2FSPAN%3E%20%3CSPAN%20class%3D%22pun%22%3E-%3C%2FSPAN%3E%3CSPAN%20class%3D%22pln%22%3Eeq%20%3C%2FSPAN%3E%3CSPAN%20class%3D%22str%22%3E%3CSPAN%3E%24null%3C%2FSPAN%3E%3C%2FSPAN%3E%3CSPAN%20class%3D%22pun%22%3E%7D%20-%26gt%3B%20for%20On%20prem%20users%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22pun%22%3E%3CSPAN%20class%3D%22hljs-pscommand%22%3EGet-MsolUser%3C%2FSPAN%3E%3CSPAN%3E%20%7C%20w%3C%2FSPAN%3E%3CSPAN%20class%3D%22typ%22%3Ehere%3C%2FSPAN%3E-%3CSPAN%20class%3D%22typ%22%3EObject%3C%2FSPAN%3E%20%7B%3CSPAN%20class%3D%22pln%22%3E%24_%3C%2FSPAN%3E.%3CSPAN%20class%3D%22typ%22%3EImmutableId%3C%2FSPAN%3E%20-%3CSPAN%20class%3D%22pln%22%3Ene%20%3C%2FSPAN%3E%3CSPAN%20class%3D%22str%22%3E%3CSPAN%3E%24null%3C%2FSPAN%3E%3C%2FSPAN%3E%7D%20for%20Azure%20AD%20users%20(%20Cloud%20users)%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-544898%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-544898%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F213505%22%20target%3D%22_blank%22%3E%40Martin%20Rublik%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20Martin%20(and%20Scorpio%20and%20Vasil)%2C%20your%20solution%20help%20me%20forward.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Teijo Hämäläinen
New Contributor

Hello guys!

 

I was tasked to list users synced from onprem AD and cloud only users

 

I have downloaded and imported AzureAD PS module 2.0.2.16

 

Azure portal shows several users with source 'Azure Active Directory'.

 

I'm first trying to list these cloud-only users by running a command command  Get-AzureADUser | where {$_.dirsyncenabled -eq $false} but it yields only one user when there should be a lot more.

 

I also need to list users synced from onprem AD.

 

My command does not seem to do the trick. Can you help me out?

5 Replies
Solution

@Teijo Hämäläinen I would try following Get-MsolUser -All | ?{-not $_.lastdirsynctime}

There's also Get-MsolUser -Synchronized. Using the server-side filtering is faster approach, and also makes sure you don't get a trimmed list because of hitting the limit for number of objects returned (like when you have the Get-AzureADUser cmdlet above, without the -All switch, and filtering client-side).

thanks, definitely a better solution.

 

Martin

@Martin RublikThere is another easier option to use it. Cloud only and on prem users have big difference - Its called Immutable ID

 

So Get-MsolUser | where-Object {$_.ImmutableId -eq $null} -> for On prem users

Get-MsolUser | where-Object {$_.ImmutableId -ne $null} for Azure AD users ( Cloud users)

 

@Martin Rublik 

 

Thank you Martin (and Scorpio and Vasil), your solution help me forward.

 

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
38 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies