May 15 2020
- last edited on
Jan 14 2022
Need a Power Shell script that would provide a list of stale guest accounts with the last log in date for users who don't have a mailbox? Additionally that haven't signed in for 90 days.
These are users that show up in the following blade: Organizational relationships | Users from other organizations, and have External Azure Active Directory guest access
May 15 2020 08:45 AM
Use the SignInActivity property/endpoint: https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-beta&tabs=http#example-3--list-...
May 15 2020 08:54 AM
Thanks, but how would one use this please? Not familiar with coding. Was looking for a powershell script please.
May 15 2020 09:16 AM
@Chad Rodriguez With a bit of back end work you can actually put that code chunk into a Powershell script if I recall correctly...
May 15 2020 09:25 AMSolution
I have a sample script here: https://github.com/michevnew/PowerShell/blob/master/Graph_Last_Login_Date.ps1
But it still requires you to fiddle with it a bit if you only want the Guest users data, and setting it up might also be challenging if you haven't done such things before. Your only other option is to get the Sign-in logs from the Azure AD blade, then filter them out in a external tool.
May 15 2020 09:41 AM
Is that basically the same approach you would give PowerBI rights to do the same type of User queries?
As I read things there is no Powershell cmdlet, at least in the MS supplied module, for this type of query.
May 15 2020 09:48 AM
would be nice, thanks for checking as I wasn't finding anything either.
May 16 2020 12:54 AM