May 03 2024 11:18 PM
Hi Guys I want to pull all user login details in Entra together ith MFA details for each user using the two modules to end up with an array for extracting a report like below. Kindly assist in joining data from the two modules, thank you.
$mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Identity $user | Select-Object UserDisplayName,UserPrincipalName, UserType,IsAdmin,DefaultMfaMethod,IsMfaRegistered,IsMfaCapable,IsPasswordlessCapable, MethodsRegistered
$userData = @()
foreach ($user in $entraIdUsers) {
$entraIdUsers = Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled
$userData += [PSCustomObject]@{
"Id" = $user.Id
"DisplayName" = $user.DisplayName
"UPN" = $user.UserPrincipalName
"CreatedDate" = $user.CreatedDateTime
"AccountEnabled" = $user.AccountEnabled
"LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime
"LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime
"LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime
"UserType" = $mfaData.UserType
"IsAdmin" = $mfaData.IsAdmin
"IsMfaRegistered" = $mfaData.IsMfaRegistered
"IsMfaCapable" = $mfaData.IsMfaCapable
"IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable
"DefaultMfaMethod" = $mfaData.DefaultMfaMethod
"UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
"Methods registered" = $mfaData.MethodsRegistered -join ", "
}
}
May 06 2024 03:00 PM
Solution@Edwin_Oroko I changed the script a bit, the order was not correct, and made it a bit more compact
$userData = foreach ($user in Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled) {
$mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Filter "userPrincipalName eq '$($user.userPrincipalName)'" | Select-Object UserDisplayName, UserPrincipalName, UserType, IsAdmin, DefaultMfaMethod, IsMfaRegistered, IsMfaCapable, IsPasswordlessCapable, MethodsRegistered
[PSCustomObject]@{
"Id" = $user.Id
"DisplayName" = $user.DisplayName
"UPN" = $user.UserPrincipalName
"CreatedDate" = $user.CreatedDateTime
"AccountEnabled" = $user.AccountEnabled
"LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime
"LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime
"LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime
"UserType" = $mfaData.UserType
"IsAdmin" = $mfaData.IsAdmin
"IsMfaRegistered" = $mfaData.IsMfaRegistered
"IsMfaCapable" = $mfaData.IsMfaCapable
"IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable
"DefaultMfaMethod" = $mfaData.DefaultMfaMethod
"UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
"Methods registered" = $mfaData.MethodsRegistered -join ", "
}
}
$userData
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If one of the posts was helpful in other ways, please consider giving it a Like.
May 06 2024 03:00 PM
Solution@Edwin_Oroko I changed the script a bit, the order was not correct, and made it a bit more compact
$userData = foreach ($user in Get-MgBetaUser -All -Property Id, DisplayDisplayNameName, UserPrincipalName, SignInActivity, CreatedDateTime, AccountEnabled) {
$mfaData = Get-MgBetaReportAuthenticationMethodUserRegistrationDetail -Filter "userPrincipalName eq '$($user.userPrincipalName)'" | Select-Object UserDisplayName, UserPrincipalName, UserType, IsAdmin, DefaultMfaMethod, IsMfaRegistered, IsMfaCapable, IsPasswordlessCapable, MethodsRegistered
[PSCustomObject]@{
"Id" = $user.Id
"DisplayName" = $user.DisplayName
"UPN" = $user.UserPrincipalName
"CreatedDate" = $user.CreatedDateTime
"AccountEnabled" = $user.AccountEnabled
"LastSuccessfulSigninDate" = $user.SignInActivity.lastSuccessfulSignInDateTime
"LastInteractiveSignIn" = $user.SignInActivity.LastSignInDateTime
"LastNon_InteractiveSignIn" = $user.LastNonInteractiveSignInDateTime
"UserType" = $mfaData.UserType
"IsAdmin" = $mfaData.IsAdmin
"IsMfaRegistered" = $mfaData.IsMfaRegistered
"IsMfaCapable" = $mfaData.IsMfaCapable
"IsPasswordlessCapable" = $mfaData.IsPasswordlessCapable
"DefaultMfaMethod" = $mfaData.DefaultMfaMethod
"UserPreferredMethodForSecondaryAuthentication" = $mfaData.UserPreferredMethodForSecondaryAuthentication
"Methods registered" = $mfaData.MethodsRegistered -join ", "
}
}
$userData
Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.
If one of the posts was helpful in other ways, please consider giving it a Like.