Last Login on Azure AD

Hi All,

A customer asks to get Last Login on Azure AD.

Solution 1

   I have found the attribute SignInActivity, but it's still in beta and it's not supported by Microsoft.

Solution 2

   I have found the PowerShell script to query SignInActivity logs in Azure AD, but the process needs a lot of time to get all data (we are talking about more or less 2000 users).

Is there another useful method?

Thanks in advance 

Alessandro

  • Hi Alessandro,

    My client also has the same requirement and I came up with a PowerShell script that loads objects quickly; you can even create a synchronization using the PowerShell connector to update a custom column on AADUser.

    My PS code looks like the below.

    param(
        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [String]$ApplicationID,

        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [String]$AccessSecret,

        [Parameter(Mandatory=$true, ValueFromPipelineByPropertyName=$true)]
        [ValidateNotNullOrEmpty()]
        [String]$Domain
    )

    # Request an app-only access token for Microsoft Graph (client credentials grant)
    $Body = @{
        grant_type    = "client_credentials"
        scope         = "https://graph.microsoft.com/.default"
        client_id     = $ApplicationID
        client_secret = $AccessSecret
    }
    $ConnectGraph = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$Domain/oauth2/v2.0/token" -Method POST -Body $Body
    $token = $ConnectGraph.access_token

    $authHeader = @{
        'Content-Type'  = 'application/json'
        'Authorization' = "Bearer $token"
    }

    # Execute the actual query; each page returns at most 999 member users
    $uri = "https://graph.microsoft.com/beta/users?`$select=displayName,userPrincipalName,signInActivity&`$top=999&`$filter=userType eq 'Member'"

    $tenantObjects = @()
    do {
        $page = (Invoke-WebRequest -Headers $authHeader -Uri $uri).Content | ConvertFrom-Json
        $tenantObjects += $page.value
        # Follow @odata.nextLink until Graph stops returning one
        $uri = $page.'@odata.nextLink'
    } while ($uri)

    $tenantObjects | Select-Object DisplayName, UserPrincipalName, @{n="LastLoginDate"; e={$_.signInActivity.lastSignInDateTime}}
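
A possible follow-up step for the user objects that script collects, as an added example that is not part of the original reply: it classifies each account by the age of its most recent sign-in and handles users whose `signInActivity` is missing or null. `Get-StaleAccount`, its parameters, the 90-day threshold and the sample users are hypothetical and constructed for illustration; `lastNonInteractiveSignInDateTime` is the second timestamp Graph exposes on `signInActivity`.

```powershell
# Added example, not from the original thread. Get-StaleAccount is a hypothetical name.
function Get-StaleAccount {
    param(
        [Parameter(Mandatory = $true)][object[]]$Users,
        [int]$MaxAgeDays = 90,
        [datetime]$Now = (Get-Date).ToUniversalTime()
    )
    foreach ($u in $Users) {
        # Collect both timestamps; either one (or signInActivity itself) may be absent.
        $stamps = @(
            $u.signInActivity.lastSignInDateTime
            $u.signInActivity.lastNonInteractiveSignInDateTime
        ) | Where-Object { $_ } | ForEach-Object {
            # PowerShell 7 turns ISO 8601 strings into DateTime; 5.1 leaves them as strings.
            if ($_ -is [datetime]) { $_.ToUniversalTime() }
            else {
                [datetime]::Parse($_, [cultureinfo]::InvariantCulture,
                    [System.Globalization.DateTimeStyles]::AdjustToUniversal)
            }
        }
        $latest = $stamps | Sort-Object -Descending | Select-Object -First 1
        $status = if (-not $latest) {
            'NoSignInRecorded'
        } elseif (($Now - $latest).TotalDays -gt $MaxAgeDays) {
            'Stale'
        } else {
            'Active'
        }
        [pscustomobject]@{
            UserPrincipalName = $u.userPrincipalName
            LastSignInUtc     = $latest
            Status            = $status
        }
    }
}

# Constructed sample in the shape of a Graph /users response (not real data).
$sample = @'
{"value":[
 {"userPrincipalName":"alice@contoso.example","signInActivity":{"lastSignInDateTime":"2024-05-20T07:45:10Z","lastNonInteractiveSignInDateTime":"2024-05-28T22:01:00Z"}},
 {"userPrincipalName":"bob@contoso.example","signInActivity":{"lastSignInDateTime":"2023-11-02T13:12:00Z","lastNonInteractiveSignInDateTime":null}},
 {"userPrincipalName":"svc-unused@contoso.example"}
]}
'@
$users = ($sample | ConvertFrom-Json).value
$fixedNow = ([datetime]'2024-06-01T00:00:00Z').ToUniversalTime()
Get-StaleAccount -Users $users -MaxAgeDays 90 -Now $fixedNow | Format-Table -AutoSize
```

Accounts reported as `NoSignInRecorded` deserve a separate review from `Stale` ones, since an empty value only says that no sign-in is on record for that user.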