cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Combine both : Get-MgBetaUser and Get-MgBetaReportAuthenticationMethodUserRegistrationDetail

Edwin_Oroko
Copper Contributor

‎May 03 2024 11:18 PM

‎May 03 2024 11:18 PM

Combine both : Get-MgBetaUser and Get-MgBetaReportAuthenticationMethodUserRegistrationDetail

Hi Guys I want to pull all user login details in Entra together ith MFA details for each user using the two modules to end up with an array for extracting a report like below. Kindly assist in joining data from the two modules, thank you.

 

 

$mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Identity $user | Select-Object UserDisplayName,UserPrincipalName, UserType,IsAdmin,DefaultMfaMethod,IsMfaRegistered,IsMfaCapable,IsPasswordlessCapable, MethodsRegistered
$userData = @()
foreach ($user in $entraIdUsers) {
$entraIdUsers = Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled
    $userData += [PSCustomObject]@{
        "Id"          = $user.Id
        "DisplayName" = $user.DisplayName
        "UPN"         = $user.UserPrincipalName
        "CreatedDate" = $user.CreatedDateTime
        "AccountEnabled" = $user.AccountEnabled
        "LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime
        "LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime
        "LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime
        "UserType" = $mfaData.UserType
        "IsAdmin" = $mfaData.IsAdmin
        "IsMfaRegistered" = $mfaData.IsMfaRegistered
        "IsMfaCapable" = $mfaData.IsMfaCapable
        "IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable
        "DefaultMfaMethod" = $mfaData.DefaultMfaMethod
        "UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
        "Methods registered" = $mfaData.MethodsRegistered -join ", "
    }
}

 

 

153 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by Edwin_Oroko (Copper Contributor)
Harm_Veenstra

‎May 06 2024 03:00 PM

‎May 06 2024 03:00 PM

Solution

Re: Combine both : Get-MgBetaUser and Get-MgBetaReportAuthenticationMethodUserRegistrationDetail

@Edwin_Oroko I changed the script a bit, the order was not correct, and made it a bit more compact

 

$userData = foreach ($user in Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled) {
    $mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Filter "userPrincipalName eq '$($user.userPrincipalName)'" | Select-Object UserDisplayName, UserPrincipalName, UserType, IsAdmin, DefaultMfaMethod, IsMfaRegistered, IsMfaCapable, IsPasswordlessCapable, MethodsRegistered
    [PSCustomObject]@{
        "Id"                                            = $user.Id
        "DisplayName"                                   = $user.DisplayName
        "UPN"                                           = $user.UserPrincipalName
        "CreatedDate"                                   = $user.CreatedDateTime
        "AccountEnabled"                                = $user.AccountEnabled
        "LastSuccessfulSigninDate"                      = $user.SignInActivity.lastSuccessfulSignInDateTime
        "LastInteractiveSignIn"                         = $user.SignInActivity.LastSignInDateTime
        "LastNon_InteractiveSignIn"                     = $user.LastNonInteractiveSignInDateTime
        "UserType"                                      = $mfaData.UserType
        "IsAdmin"                                       = $mfaData.IsAdmin
        "IsMfaRegistered"                               = $mfaData.IsMfaRegistered
        "IsMfaCapable"                                  = $mfaData.IsMfaCapable
        "IsPasswordlessCapable"                         = $mfaData.IsPasswordlessCapable
        "DefaultMfaMethod"                              = $mfaData.DefaultMfaMethod
        "UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
        "Methods registered"                            = $mfaData.MethodsRegistered -join ", "
    }
}
$userData



Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.

If one of the posts was helpful in other ways, please consider giving it a Like.

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Edwin_Oroko (Copper Contributor)
Harm_Veenstra

‎May 06 2024 03:00 PM

‎May 06 2024 03:00 PM

Solution

Re: Combine both : Get-MgBetaUser and Get-MgBetaReportAuthenticationMethodUserRegistrationDetail

@Edwin_Oroko I changed the script a bit, the order was not correct, and made it a bit more compact

 

$userData = foreach ($user in Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled) {
    $mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Filter "userPrincipalName eq '$($user.userPrincipalName)'" | Select-Object UserDisplayName, UserPrincipalName, UserType, IsAdmin, DefaultMfaMethod, IsMfaRegistered, IsMfaCapable, IsPasswordlessCapable, MethodsRegistered
    [PSCustomObject]@{
        "Id"                                            = $user.Id
        "DisplayName"                                   = $user.DisplayName
        "UPN"                                           = $user.UserPrincipalName
        "CreatedDate"                                   = $user.CreatedDateTime
        "AccountEnabled"                                = $user.AccountEnabled
        "LastSuccessfulSigninDate"                      = $user.SignInActivity.lastSuccessfulSignInDateTime
        "LastInteractiveSignIn"                         = $user.SignInActivity.LastSignInDateTime
        "LastNon_InteractiveSignIn"                     = $user.LastNonInteractiveSignInDateTime
        "UserType"                                      = $mfaData.UserType
        "IsAdmin"                                       = $mfaData.IsAdmin
        "IsMfaRegistered"                               = $mfaData.IsMfaRegistered
        "IsMfaCapable"                                  = $mfaData.IsMfaCapable
        "IsPasswordlessCapable"                         = $mfaData.IsPasswordlessCapable
        "DefaultMfaMethod"                              = $mfaData.DefaultMfaMethod
        "UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
        "Methods registered"                            = $mfaData.MethodsRegistered -join ", "
    }
}
$userData



Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.

If one of the posts was helpful in other ways, please consider giving it a Like.

View solution in original post

0 Likes
Reply