Copilot for Microsoft 365 Tech Accelerator
Feb 28 2024 07:00 AM - Feb 29 2024 10:30 AM (PST)
Microsoft Tech Community

Office365 Active User Report

Brass Contributor



We are trying to manage inactive better and I am currently comparing two reports:


Office365ActiveUserDetail from the O365 Admin centre and the LastSignInDate from a report I have run from Azure AD and Graph. The Azure report highlights some stale accounts that haven't been accessed for over 90 days but the Office365 one shows recent exchange activity. I obviously don't want to close stale accounts that users might still be using.


I would have thought that if a user was using their account to access their mail even through an app etc their LastSignInDate would have updated itself?




2 Replies
LastSignInDate only reflects Interactive logins, as in the user performed a full sign-in (entered credentials or used whatever primary auth method they have configured). With the OAuth model most applications now use, the majority of sign-in events are non-interactive ones, where the client presents a valid refresh token to continue accessing a given app/service. In some cases, even months after the last "interactive" login, as long as the refresh token is valid.
If you are obtaining the Graph data, look at the lastNonInteractiveSignInDateTime value.