Using Microsoft Graph to find Inactive Azure AD Users

Son 316 Reputation points
2022-05-30T10:25:14.097+00:00

Hi,

I need assistance trying to locate cloud-only Azure AD users in our tenant that have not logged in for 90 days or more.

I am trying to achieve this using the Microsoft Graph API and PowerShell, but I am relatively new to the concept and it is different.

Eventually I would want this automated using a Scheduled Task to run a PowerShell script, but for now I would like to achieve the results interactively, and I am struggling to find the cmdlets to run to pull back the information.

I am unable to locate the last sign-in date attribute that I would need to build this into a script.

Hope you can help!

Microsoft Security | Microsoft Graph

Accepted answer
  1. Vasil Michev 119.8K Reputation points MVP Volunteer Moderator
    2022-05-30T11:37:10.447+00:00

    If you are new to the Graph, it can be a bit challenging, so it's probably best to use the Microsoft Graph SDK for PowerShell. Here's an example:

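    # signInActivity is on the beta profile; -All pages through every user, not just the first page
    Select-MgProfile beta
    # -Property limits the returned fields, so UserPrincipalName is requested explicitly
    Get-MgUser -All -Property UserPrincipalName,signInActivity | select UserPrincipalName,@{n="LastSignIn";e={$_.signInActivity.LastSignInDateTime}} | ? {$_.LastSignIn -ge (Get-Date).AddDays(-90)}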
    

    To do it directly via Graph, see for example: https://www.michev.info/Blog/Post/2968/reporting-on-users-last-logged-in-date-in-office-365
    The query you can use to filter just sign-ins in the past 90 days looks something like this:

    https://graph.microsoft.com/beta/users?$filter=(signInActivity/lastsignindatetime+gt+2022-03-01T00:00:00Z)&$select=UserPrincipalName,signInActivity
    
    2 people found this answer helpful.
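
The query in the answer selects accounts that signed in within the last 90 days; the sketch below inverts that to list the cloud-only accounts the question asks about, and reports accounts with no recorded sign-in separately. It is an added example, not part of the original answer: the function names, the sample records and the `contoso.example` addresses are assumptions, and the live path assumes a session opened with `Connect-MgGraph` using the `User.Read.All` and `AuditLog.Read.All` scopes.

```powershell
# Added example. Get-AllGraphUser, Get-InactiveCloudUser and $sample are assumed names.
function Get-AllGraphUser {
    # Live path: run Connect-MgGraph -Scopes 'User.Read.All','AuditLog.Read.All' first.
    $uri = 'https://graph.microsoft.com/beta/users?$select=userPrincipalName,onPremisesSyncEnabled,signInActivity'
    while ($uri) {
        $page = Invoke-MgGraphRequest -Method GET -Uri $uri
        $page.value                        # emit this page of users
        $uri = $page.'@odata.nextLink'     # $null on the last page ends the loop
    }
}

function Get-InactiveCloudUser {
    param(
        [Parameter(Mandatory)] [object[]] $User,
        [int] $Days = 90,
        [datetime] $Now = (Get-Date).ToUniversalTime()
    )
    $cutoff = $Now.AddDays(-$Days)
    foreach ($u in $User) {
        # Cloud-only accounts have onPremisesSyncEnabled unset or false.
        if ($u.onPremisesSyncEnabled -eq $true) { continue }
        $raw = $u.signInActivity.lastSignInDateTime
        if (-not $raw) {
            # No recorded sign-in: there is no date to compare, so flag these explicitly.
            [pscustomobject]@{ UserPrincipalName = $u.userPrincipalName; LastSignIn = $null; Status = 'NeverSignedIn' }
            continue
        }
        # Normalise to UTC whether Graph handed back a string or a DateTime.
        $last = ([datetimeoffset]$raw).UtcDateTime
        if ($last -lt $cutoff) {
            [pscustomobject]@{ UserPrincipalName = $u.userPrincipalName; LastSignIn = $last; Status = 'Inactive' }
        }
    }
}

# Constructed sample in the shape Graph returns, so the filter can be tried offline.
$sample = @(
    [pscustomobject]@{ userPrincipalName = 'alice@contoso.example'; onPremisesSyncEnabled = $null;  signInActivity = @{ lastSignInDateTime = '2022-01-10T08:00:00Z' } }
    [pscustomobject]@{ userPrincipalName = 'bob@contoso.example';   onPremisesSyncEnabled = $false; signInActivity = @{ lastSignInDateTime = '2022-05-20T09:30:00Z' } }
    [pscustomobject]@{ userPrincipalName = 'carol@contoso.example'; onPremisesSyncEnabled = $null;  signInActivity = $null }
    [pscustomobject]@{ userPrincipalName = 'dave@contoso.example';  onPremisesSyncEnabled = $true;  signInActivity = @{ lastSignInDateTime = '2021-12-01T07:00:00Z' } }
)
$asOf = ([datetimeoffset]'2022-05-30T00:00:00Z').UtcDateTime
Get-InactiveCloudUser -User $sample -Now $asOf       # sample run against the constructed records
# Get-InactiveCloudUser -User (Get-AllGraphUser)     # live tenant, after Connect-MgGraph
```

`lastSignInDateTime` reflects interactive sign-ins; accounts used only non-interactively are tracked in the separate `lastNonInteractiveSignInDateTime` property of `signInActivity`, so review the output before disabling anything.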
