cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Office365 Active User Report

Alistair Trigg
Brass Contributor

‎Jun 01 2022 07:49 AM

‎Jun 01 2022 07:49 AM

Office365 Active User Report

Hi

 

We are trying to manage inactive better and I am currently comparing two reports:

 

Office365ActiveUserDetail from the O365 Admin centre and the LastSignInDate from a report I have run from Azure AD and Graph. The Azure report highlights some stale accounts that haven't been accessed for over 90 days but the Office365 one shows recent exchange activity. I obviously don't want to close stale accounts that users might still be using.

 

I would have thought that if a user was using their account to access their mail even through an app etc their LastSignInDate would have updated itself?

 

Alistair

 

Labels:
870 Views
0 Likes
2 Replies
Reply
2 Replies
Vasil Michev

‎Jun 01 2022 09:02 AM

‎Jun 01 2022 09:02 AM

Re: Office365 Active User Report

LastSignInDate only reflects Interactive logins, as in the user performed a full sign-in (entered credentials or used whatever primary auth method they have configured). With the OAuth model most applications now use, the majority of sign-in events are non-interactive ones, where the client presents a valid refresh token to continue accessing a given app/service. In some cases, even months after the last "interactive" login, as long as the refresh token is valid.
0 Likes
Reply
Vasil Michev

‎Jun 01 2022 09:04 AM

‎Jun 01 2022 09:04 AM

Re: Office365 Active User Report

If you are obtaining the Graph data, look at the lastNonInteractiveSignInDateTime value.
0 Likes
Reply