31.3 C
Sunday, June 26, 2022

Find Azure AD Inactive Users using Powershell and Graph

Finding Inactive users with the Last Logon Date from the Azure Active Directory has never been easier. LastSignInDateTime property was introduced in Microsoft Graph to make it easier for Admins to retrieve so that cleanup can be done periodically.

There are numerous ways to retrieve this property, Simplified the whole process with a few lines of code so that it doesn’t complicate starters to retrieve them from Azure AD. Please note this requires the tenant to have Azure AD P1 or P2 license
if you don’t have the required license to retrieve this property, you will get the below error.

“error”:{“code”:”Authentication_RequestFromNonPremiumTenantOrB2CTenant”,”message”:”Neither tenant is B2C or tenant doesn’t have premium license”

Firstly we need an Azure AD App Registration with a few permissions like AuditLog.Read.All and Directory.Read.All
Let’s create an App Registration,

I have named it UserSigninLogs

App is Created

Client Secret is Created.

Add the required permissions, AuditLog.Read.All and Directory.Read.All and Grant Admin Consent.

Now we have the Application ID and Directory ID and Client Secret for our Script to retrieve data via Microsoft Graph.

After replacing the above value you can retrieve them into a CSV file. You can change the number and CSV file name as per your requirements, or run without parameters it will take default values.

.\AzureAD_Inactive_Users.ps1 -LastLogonDays 90 -CSVFileName 90daysinactive.csv

.\AzureAD_Inactive_Users.ps1 -LastLogonDays 60 


CSV Format

Download from GitHub –

AzureAD_Inactive_Users/AzureAD_Inactive_Users.ps1 at main ยท azure365pro/AzureAD_Inactive_Users (github.com)

Satheshwaran Manoharanhttps://www.azure365pro.com
Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Related Articles


Please enter your comment!
Please enter your name here