@Jakob Rohde this is a classic Microsoft 365 housekeeping task and question. A pity Microsoft is not offering something out of the box.

 

I would suggest following Powershell script, which returns not only your users last login date as CSV file, but also assigned licenses. This way you may check whether there is someone not logging in and consuming licenses.

 

 

 

Install-Module AzureADPreview -AllowClobber -Force

Connect-AzureAD

$usersexport = [system.collections.arraylist]@()

Get-AzureADUser | % {
    $User = $_
    $UPN = $User.UserPrincipalName
    
    Write-Output "Start analysing $UPN"

    $LoginTime = Get-AzureAdAuditSigninLogs -top 1 -filter "userprincipalname eq '$UPN'" | select CreatedDateTime
    $Licenses = Get-AzureADUserLicenseDetail -ObjectId $User.ObjectId | % { $_.ServicePlans | Where {$_.AppliesTo -eq "User"}} | select -ExpandProperty ServicePlanName
    
    $Export = [pscustomobject]@{
        'DisplayName' = $User.DisplayName; 
        'UserPrincipalName' = $UPN;
        'LastSignInDate' = $LoginTime.CreatedDateTime;
        'Licenses' = $Licenses -join ",";
    }
    
    $usersexport.Add($Export)
    
    Write-Output $Export
}
$usersexport | Export-CSV $Home\LastLogonDate.csv

 

 

 

YES, This is possible!
But you need to do a little trick because it is only accessible via the Graph API. If you want to achieve that by PowerShell, you need to create an application, with a secret, that has access with the permission AuditLog.Read.All and User.Read.All and call this application with Graph command to do your query.
You can see my PowerShell script bellow:

#Replace [tenant_id], [Application_ID], [client_secret] with your own values

#Provide your Office 365 Tenant Id or Tenant Domain Name
$TenantId = "[tenant_id]"

#Provide Azure AD Application (client) Id of your app.
#You should have granted Admin consent for this app to use the application permissions "AuditLog.Read.All and User.Read.All" in your tenant.
$AppClientId="[Application_ID]"

#Provide Application client secret key
$ClientSecret = "[client_secret]"

$RequestBody = @{client_id=$AppClientId;client_secret=$ClientSecret;grant_type="client_credentials";scope="https://graph.microsoft.com/.default";}
$OAuthResponse = Invoke-RestMethod -Method 'Post' -Uri "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" -Body $RequestBody
$AccessToken = $OAuthResponse.access_token

#Form request headers with the acquired $AccessToken
$headers = @{'Content-Type'="application\json";'Authorization'="Bearer $AccessToken"}

#This request get users list with signInActivity.
$ApiUrl = "https://graph.microsoft.com/beta/users?`$select=displayName,userPrincipalName,signInActivity,userType,assignedLicenses,mail,createdDateTime&`$top=999"
$Result = @()

While ($ApiUrl -ne $Null){ #Perform pagination if next page link (odata.nextlink) returned.
$Response = Invoke-WebRequest -Method 'GET' -Uri $ApiUrl -ContentType "application\json" -Headers $headers | ConvertFrom-Json
if($Response.value){
$Users = $Response.value
ForEach($User in $Users){
#Filter only Guests
if ($User.userType -eq 'Guest'){
$Result += New-Object PSObject -property $([ordered]@{
UserID = $User.id
DisplayName = $User.displayName
ExternalDomain = if ($User.mail) {$User.mail.Split("@")[1]} else {$null}
Email = $user.mail
UserPrincipalName = $User.userPrincipalName
CreationDateTime = if($User.createdDateTime) {[DateTime]$User.createdDateTime} else {$null}
LastSignInDateTime = if($User.signInActivity.lastSignInDateTime) { [DateTime]$User.signInActivity.lastSignInDateTime } else {$null}
IsLicensed = if ($User.assignedLicenses.Count -ne 0) { $true } else { $false }
IsGuestUser = if ($User.userType -eq 'Guest') { $true } else { $false }
URL = "https://portal.azure.com/#blade/Microsoft_AAD_IAM/UserDetailsMenuBlade/Profile/userId/"+$user.id
})
}
}
}
$ApiUrl=$Response.'@odata.nextlink'
}

#Export to local computer
$Result | Export-CSV "C:\Temp\LastLoginDateReport.CSV" -NoTypeInformation -Encoding UTF8

Enjoy! :)