Does deleting users in Azure AD affect logs referencing that user

GT 21 Reputation points
2022-04-05T22:28:25.213+00:00

I'm looking to delete users in Azure that haven't logged in since a certain date. When you do this in AD, you get issues with logs that show the SID instead of the username. I know in part why this is - if the username changes then old logs become a bit useless.

If I delete a user in Azure AD, what happens when viewing a log that references said user?

Will the old username still be there, or will it just have an ObjectID?

My feeling is that the objectID and the username at the time will remain in the logs, I don't think it does some kind of lookup/translation but I

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,211 questions
0 comments No comments
{count} votes

Accepted answer
  1. Shweta Mathur 29,006 Reputation points Microsoft Employee
    2022-04-06T13:16:44.93+00:00

    Hi @GT ,

    Thanks for reaching out.

    I understand that you faced difficulty to identify users in logs by their username which got deleted in AD and wants to confirm the same in Azure Active Directory.

    Your understanding is correct here. Deleting the users in Azure Active Directory does not update any existing logs and you can easily identity the logs by deleted username as it is.

    Thanks,
    Shweta

    -----------------------------------------------

    Please remember to "Accept Answer" if answer helped you.

    0 comments No comments

0 additional answers

Sort by: Most helpful