SOLVED
Home

How to list users synced from onprem AD and cloud-only users?

%3CLINGO-SUB%20id%3D%22lingo-sub-498883%22%20slang%3D%22en-US%22%3EHow%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-498883%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20guys!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20was%20tasked%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud%20only%20users%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20downloaded%20and%20imported%20AzureAD%20PS%20module%202.0.2.16%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAzure%20portal%20shows%20several%20users%20with%20source%20'Azure%20Active%20Directory'.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20first%20trying%20to%20list%20these%20cloud-only%20users%20by%20running%20a%20command%20command%26nbsp%3B%20Get-AzureADUser%20%7C%20where%20%7B%24_.dirsyncenabled%20-eq%20%24false%7D%20but%20it%20yields%20only%20one%20user%20when%20there%20should%20be%20a%20lot%20more.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20also%20need%20to%20list%20users%20synced%20from%20onprem%20AD.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20command%20does%20not%20seem%20to%20do%20the%20trick.%20Can%20you%20help%20me%20out%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-498883%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-499095%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-499095%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F157949%22%20target%3D%22_blank%22%3E%40Teijo%20H%C3%A4m%C3%A4l%C3%A4inen%3C%2FA%3E%26nbsp%3BI%20would%20try%20following%20Get-MsolUser%20-All%20%7C%20%3F%7B-not%20%24_.lastdirsynctime%7D%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-500360%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-500360%22%20slang%3D%22en-US%22%3E%3CP%3EThere's%20also%26nbsp%3BGet-MsolUser%20-Synchronized.%20Using%20the%20server-side%20filtering%20is%20faster%20approach%2C%20and%20also%20makes%20sure%20you%20don't%20get%20a%20trimmed%20list%20because%20of%20hitting%20the%20limit%20for%20number%20of%20objects%20returned%20(like%20when%20you%20have%20the%20Get-AzureADUser%20cmdlet%20above%2C%20without%20the%20-All%20switch%2C%20and%20filtering%20client-side).%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-502494%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-502494%22%20slang%3D%22en-US%22%3E%3CP%3Ethanks%2C%20definitely%20a%20better%20solution.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMartin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-531327%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-531327%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F213505%22%20target%3D%22_blank%22%3E%40Martin%20Rublik%3C%2FA%3EThere%20is%20another%20easier%20option%20to%20use%20it.%20Cloud%20only%20and%20on%20prem%20users%20have%20big%20difference%20-%20Its%20called%20Immutable%20ID%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%26nbsp%3B%3CSPAN%20class%3D%22hljs-pscommand%22%3EGet-MsolUser%3C%2FSPAN%3E%20%7C%20w%3CSPAN%20class%3D%22typ%22%3Ehere%3C%2FSPAN%3E%3CSPAN%20class%3D%22pun%22%3E-%3C%2FSPAN%3E%3CSPAN%20class%3D%22typ%22%3EObject%3C%2FSPAN%3E%20%3CSPAN%20class%3D%22pun%22%3E%7B%3C%2FSPAN%3E%3CSPAN%20class%3D%22pln%22%3E%24_%3C%2FSPAN%3E%3CSPAN%20class%3D%22pun%22%3E.%3C%2FSPAN%3E%3CSPAN%20class%3D%22typ%22%3EImmutableId%3C%2FSPAN%3E%20%3CSPAN%20class%3D%22pun%22%3E-%3C%2FSPAN%3E%3CSPAN%20class%3D%22pln%22%3Eeq%20%3C%2FSPAN%3E%3CSPAN%20class%3D%22str%22%3E%3CSPAN%3E%24null%3C%2FSPAN%3E%3C%2FSPAN%3E%3CSPAN%20class%3D%22pun%22%3E%7D%20-%26gt%3B%20for%20On%20prem%20users%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22pun%22%3E%3CSPAN%20class%3D%22hljs-pscommand%22%3EGet-MsolUser%3C%2FSPAN%3E%3CSPAN%3E%20%7C%20w%3C%2FSPAN%3E%3CSPAN%20class%3D%22typ%22%3Ehere%3C%2FSPAN%3E-%3CSPAN%20class%3D%22typ%22%3EObject%3C%2FSPAN%3E%20%7B%3CSPAN%20class%3D%22pln%22%3E%24_%3C%2FSPAN%3E.%3CSPAN%20class%3D%22typ%22%3EImmutableId%3C%2FSPAN%3E%20-%3CSPAN%20class%3D%22pln%22%3Ene%20%3C%2FSPAN%3E%3CSPAN%20class%3D%22str%22%3E%3CSPAN%3E%24null%3C%2FSPAN%3E%3C%2FSPAN%3E%7D%20for%20Azure%20AD%20users%20(%20Cloud%20users)%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-544898%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20list%20users%20synced%20from%20onprem%20AD%20and%20cloud-only%20users%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-544898%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F213505%22%20target%3D%22_blank%22%3E%40Martin%20Rublik%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%20Martin%20(and%20Scorpio%20and%20Vasil)%2C%20your%20solution%20help%20me%20forward.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Teijo Hämäläinen
New Contributor

Hello guys!

 

I was tasked to list users synced from onprem AD and cloud only users

 

I have downloaded and imported AzureAD PS module 2.0.2.16

 

Azure portal shows several users with source 'Azure Active Directory'.

 

I'm first trying to list these cloud-only users by running a command command  Get-AzureADUser | where {$_.dirsyncenabled -eq $false} but it yields only one user when there should be a lot more.

 

I also need to list users synced from onprem AD.

 

My command does not seem to do the trick. Can you help me out?

5 Replies
Solution

@Teijo Hämäläinen I would try following Get-MsolUser -All | ?{-not $_.lastdirsynctime}

There's also Get-MsolUser -Synchronized. Using the server-side filtering is faster approach, and also makes sure you don't get a trimmed list because of hitting the limit for number of objects returned (like when you have the Get-AzureADUser cmdlet above, without the -All switch, and filtering client-side).

thanks, definitely a better solution.

 

Martin

@Martin RublikThere is another easier option to use it. Cloud only and on prem users have big difference - Its called Immutable ID

 

So Get-MsolUser | where-Object {$_.ImmutableId -eq $null} -> for On prem users

Get-MsolUser | where-Object {$_.ImmutableId -ne $null} for Azure AD users ( Cloud users)

 

@Martin Rublik 

 

Thank you Martin (and Scorpio and Vasil), your solution help me forward.

 

Related Conversations