This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
On Premise AD does not update the Azure AD Sign-in Logs and O365 User Activity report does not include the interactive sign in performed by users.
Need PowerShell script to fetch each Azure AD user Sign-in logs, trying to reconcile the On-premise users last login data with Azure AD Sign-in activity to find inactive users.
Get-MSolUser and Get-AzureAdUser does not include the required data and the details are required for unlicensed users also.
Assuming Inactive users to be the one who have not signed-in in last 90 days.
Hi @Sheshank Dhoot ,
did the answer work for you? Are there any additional questions to this topic?
If you found the answer helpful, it would be great if you please mark it "Accept as answer". This will help others to find answers in Q&A
Regards
Andreas Baumgarten
This is still an open question. Azure AD user sign-in or last login data is required. Without duplicate entries.
Let say a user logged in 10 times a day so it should only capture the latest login details from 30 days log.
Hi @Sheshank Dhoot ,
maybe this is helpful:
https://learn.microsoft.com/en-us/services-hub/health/remediation-steps-ad/regularly-check-for-and-remove-inactive-user-accounts-in-active-directory
https://blog.ipswitch.com/find-inactive-user-accounts-in-your-domain
https://blog.netwrix.com/2017/06/15/powershell-find-disabled-or-inactive-users-and-computers-in-ad/
https://gist.github.com/9to5IT/c40cea3937c33a1632c749916612dd7c
----------
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Regards
Andreas Baumgarten
I need sign-in details of each user from Azure AD and the reason is if user account is not used for logon on any on-premise domain joined machine then it will not populate last logon date and time in AD. There are cases where account is active and is used in O365 and Azure and have latest sign-in dates.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(265.6, 49%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJM%3C/text%3E%3C/svg%3E)
Did you find how to solve this?
Hello,
Thank you for reaching out.
Additionaly,
You can use Get-AzureADAuditSignInLogs powershell command to get user sign in logs from Azure AD.
Hope this helps,
These will provide sign-in event logs and will not be per user. Its like if I made 10 sign-in in a day I will retrieve 10 results. I am looking for all user sign-in details hope this helps. Once I will be able to pull all Azure user sign in details then It can be filtered with users who have not logged in in last 90 days and those can be compared with On Premise AD Last logon Report.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 90%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKW%3C/text%3E%3C/svg%3E)
Did anyone find the answer? I am also needing the answer for SheshankDhoot-2954 question.