My Blog List

Tuesday, August 20, 2024

MgGraph - Retrieve Sign in activity on guest accounts

MgGraph - Retrieve Sign in activity on guest accounts

Retrieve UserPrincipalNameSignInActivity & CreatedDateTime

# Get all guest users with their UserPrincipalName, SignInActivity, and CreatedDateTime

Get-MgUser -All:$true -Filter "userType eq 'Guest'" 
-Property UserPrincipalName,SignInActivity,CreatedDateTime |
    Select-Object CreatedDateTime,
                  UserPrincipalName,
                  @{Name="LastLoginDate"; Expression={$_.SignInActivity.LastSignInDateTime}}

Explanation:

  • Filter Expression: "userType eq 'Guest'" is used to filter guest users.
  • Select-Object: This cmdlet is used to format the output. Here, CreatedDateTime and UserPrincipalName are directly selected, while LastSignInDateTime is computed from the SignInActivity property.


Retrive UserPrincipalNameSignInActivity, CreatedDateTime & InvitationState

  1. Retrieve User Information: Fetch guest users with UserPrincipalName, SignInActivity, and CreatedDateTime.

  2. Retrieve Invitation Information: Use the Microsoft Graph API to fetch invitation details.


# Fetch all guest users and their SignInActivity and CreatedDateTime
$guestUsers = Get-MgUser -All:$true -Filter "userType eq 'Guest'" 
-Property UserPrincipalName,SignInActivity,CreatedDateTime

# Initialize an empty array to hold user details with invitation state
$userDetails = @()

foreach ($user in $guestUsers) {
    # Fetch the invitation details for each guest user
    $invitation = Get-MgInvitation 
    -Filter "invitedUserPrincipalName eq '$($user.UserPrincipalName)'"
    
    # Create a custom object with all required properties
    $userDetails += [PSCustomObject]@{
        CreatedDateTime = $user.CreatedDateTime
        UserPrincipalName = $user.UserPrincipalName
        LastLoginDate = $user.SignInActivity.LastSignInDateTime
        InvitationState = if ($invitation) { $invitation.InvitationStatus } 
        else { "Not Invited" }
    }
}

# Display the user details
$userDetails | Format-Table -AutoSize

Explanation:

  1. Retrieve Guest Users:

    • Get-MgUser -Filter "userType eq 'Guest'" fetches guest users with their UserPrincipalName, SignInActivity, and CreatedDateTime.

  2. Fetch Invitation Details:

    • Get-MgInvitation is used to retrieve invitation details for each guest user based on their UserPrincipalName. Ensure the required permissions are granted to access invitation details.

  3. Combine Data:

    • A loop processes each guest user, retrieves their invitation status, and combines this information into a custom object.

  4. Output Data:

    • Format-Table -AutoSize is used to display the data in a formatted table.

Permissions:

  • To run this script, ensure you have the necessary permissions:
    • User.Read.All or User.ReadBasic.All for Get-MgUser
    • Invitation.Read.All for Get-MgInvitation

Read more »
at No comments:
Labels: , , ,
Subscribe to: Comments (Atom)

Steps to extract ntfs share details from file server shares

As part of a file server consolidation effort, I was tasked to come up with a method to move multiple shares on multiple shares to a WSFC. I...