How can I get the lastlogon users in Azure AD?

Time:01-18

I would like to output the list of users who have not logged in for more than a month to retrieve licenses. How can I obtain the last connection of users who have an AD license and whose accounts are still active?

    $guestuserIDs= (Get-AzureADUser -Filter "AccountEnabled eq true" | Select-Object ObjectId).ObjectId

    $startTime = (get-date).AddDays(-30).ToString("yyyy-MM-dd")

    foreach($guestUserID in $guestuserIDs){
        Get-AzureADAuditSignInLogs -Filter "UserId eq '$guestUserID'" -Top 1 |Select-Object UserId,UserDisplayName,CreatedDateTime 
    }

I don't know how, or if it's possible, to add a command line to validate users who are currently consuming a license. Any help would be appreciated! Thanks

CodePudding user response:

Please check the PowerShell commands below, which I tested in my environment:

To list users who have not logged in for more than a month and obtain the last connection/last logon of users who have an AD license and whose accounts are still enabled/active.

    # Requires the AzureADPreview module (for Get-AzureADAuditSignInLogs) and a Connect-AzureAD session.
    # Guest users having the account enabled. The objects returned by Get-AzureADUser have no
    # LastSignInDateTime property, so the 30-day check is done against the sign-in logs in the loop.
    $cutoff = (Get-Date).AddDays(-30)
    $enabledGuestUsers = Get-AzureADUser -All $true -Filter "UserType eq 'Guest' and AccountEnabled eq true"
    $AllSigninLogs = Get-AzureADAuditSignInLogs -All $true

    foreach ($guestuser in $enabledGuestUsers)
    {
        $IsLicensed = if ($guestuser.AssignedLicenses.Count -ne 0) { $true } else { $false }

        # Only users with a license (account enabled, not logged in for the last 30 days) are reported
        if ($IsLicensed)
        {
            $ObjectId = $guestuser.ObjectId

            # The command below gives the last login time
            $LoginRecord = @($AllSigninLogs | Where-Object { $_.UserId -eq $ObjectId } | Sort-Object CreatedDateTime -Descending)
            if ($LoginRecord.Count -gt 0) {
                $lastLogin = $LoginRecord[0].CreatedDateTime
                # Skip users who have logged in within the last 30 days
                if ([datetime]$lastLogin -gt $cutoff) { continue }
            } else {
                $lastLogin = 'no login record'
            }

            Write-Host "Displayname :" $guestuser.DisplayName  "     |   IsAccountEnabled   : " $guestuser.AccountEnabled  " |  ObjectId  : " $guestuser.ObjectId "   | UPN : " $guestuser.UserPrincipalName
            Write-Host "IsLicensed :" $IsLicensed
            Write-Host "Last logon time  : " $lastLogin
            Write-Host " "

            # The commands below can be used to get license details
            $licenseDetails = Get-AzureADUserLicenseDetail -ObjectId $ObjectId
            Write-Host "license COUNT : " $guestuser.AssignedLicenses.Count
            #Write-Host "license details : " $guestuser.AssignedLicenses
            Write-Host "license details : " $licenseDetails
            Write-Host " "
        }
    }

SAMPLE OUTPUT of last logon requirement: (screenshot not preserved)

See the references below to remove licenses, if required, in the above loop.

  1. azuread-license-powershell-snippets
  2. Remove Microsoft 365 licenses from user accounts with PowerShell | Microsoft Docs

Other references:

  1. Get-AzureADAuditSignInLogs (AzureADPreview) | Microsoft Docs
  2. View licensed and unlicensed Microsoft 365 users with PowerShell | Microsoft Docs
  3. Check if Office 365 User is Licensed or Not using PowerShell (morgantechspace.com)
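
An added example, not part of the answer above: the same report written as a function that indexes the sign-in logs once (newest record per user) and emits objects that can be piped to Export-Csv. It covers all enabled, licensed users rather than guests only, as the question asked. The function name `Get-StaleLicensedUser`, its parameters and the sample data are hypothetical; in a tenant, `$Users` would come from Get-AzureADUser and `$SignIns` from Get-AzureADAuditSignInLogs.

```powershell
function Get-StaleLicensedUser {
    param(
        [Parameter(Mandatory)] [object[]] $Users,   # shaped like Get-AzureADUser output
        [object[]] $SignIns = @(),                  # shaped like Get-AzureADAuditSignInLogs output
        [int] $Days = 30,
        [datetime] $Now = (Get-Date)
    )
    $cutoff = $Now.AddDays(-$Days)

    # Single pass over the logs: keep only the newest sign-in per UserId
    $latest = @{}
    foreach ($s in $SignIns) {
        $when = [datetime]$s.CreatedDateTime
        if (-not $latest.ContainsKey($s.UserId) -or $when -gt $latest[$s.UserId]) {
            $latest[$s.UserId] = $when
        }
    }

    foreach ($u in $Users) {
        if (-not $u.AccountEnabled) { continue }              # disabled accounts are out of scope
        if ($u.AssignedLicenses.Count -eq 0) { continue }     # nothing to reclaim
        $last = $latest[$u.ObjectId]                          # $null when the logs hold no record
        if ($null -ne $last -and $last -gt $cutoff) { continue }
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            ObjectId          = $u.ObjectId
            LicenseCount      = $u.AssignedLicenses.Count
            LastSignIn        = if ($null -ne $last) { $last } else { 'no record in sign-in logs' }
        }
    }
}

# Constructed sample data (not real tenant output)
$now = [datetime]'2022-01-18'
$users = @(
    [pscustomobject]@{ ObjectId = 'u1'; UserPrincipalName = 'recent@contoso.example';   AccountEnabled = $true;  AssignedLicenses = @('sku-a') }
    [pscustomobject]@{ ObjectId = 'u2'; UserPrincipalName = 'stale@contoso.example';    AccountEnabled = $true;  AssignedLicenses = @('sku-a', 'sku-b') }
    [pscustomobject]@{ ObjectId = 'u3'; UserPrincipalName = 'never@contoso.example';    AccountEnabled = $true;  AssignedLicenses = @('sku-a') }
    [pscustomobject]@{ ObjectId = 'u4'; UserPrincipalName = 'nolicense@contoso.example'; AccountEnabled = $true;  AssignedLicenses = @() }
    [pscustomobject]@{ ObjectId = 'u5'; UserPrincipalName = 'disabled@contoso.example'; AccountEnabled = $false; AssignedLicenses = @('sku-a') }
)
$signIns = @(
    [pscustomobject]@{ UserId = 'u1'; CreatedDateTime = '2022-01-02T08:15:00' }
    [pscustomobject]@{ UserId = 'u1'; CreatedDateTime = '2022-01-15T09:30:00' }
    [pscustomobject]@{ UserId = 'u2'; CreatedDateTime = '2021-12-01T11:00:00' }
)

# Reports stale@ (last sign-in 2021-12-01) and never@ (no record)
Get-StaleLicensedUser -Users $users -SignIns $signIns -Now $now | Format-Table -AutoSize
```

A user with no record has not signed in within the period the sign-in logs cover, which depends on the tenant's log retention, so confirm such accounts before removing their licenses.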