How do you get inactive account from azure ad

Badr 0 Reputation points
2023-05-18T17:14:07.23+00:00

I am trying to get the list of accounts that are enabled in azure ad that has not signed in for over 6 months. I have looked at the query from Microsoft graph API it retrieves disabled account also. My environment has over 100k user account, I have tried through powershell but it crashes

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,623 questions
Microsoft Graph Azure AD API
Microsoft Graph Azure AD API
A Microsoft API that queries the user's profile, finds other users, manages organizational relationships, tracks assignments, or creates original solutions that incorporate existing organizational data.
251 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. James Hamil 14,111 Reputation points Microsoft Employee
    2023-05-18T18:19:59.4866667+00:00

    Hi @Badr , you're doing the right thing by using the Graph API. I assume you followed this document? The issue here is that the Graph API doesn't do so well with such a large amount of data. You'll have to adjust the query to account for this. The best place to start would be paging. You can break your request into smaller parts so that it won't crash on you.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you please mark "Accept Answer" so other users can reference it.

    Thank you,

    James