Friday, January 26, 2024

Azure AD users Sign in logs for 30 days report

# This PowerShell script reads all guest account details from a CSV file, checks each account against the Azure AD sign-in logs for the last 30 days, and generates a report file

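# Make sure the module that provides Get-AzureADAuditSignInLogs is available.
# NOTE(review): that cmdlet is documented under the AzureADPreview module, not
# the GA AzureAD module, so the preview module is installed and imported here.
# Install only when the module is missing: an unconditional -Force reinstall
# pulls code from the gallery on every run and suppresses the repository
# trust prompt, which is an avoidable supply-chain exposure.
if (-not (Get-Module -ListAvailable -Name AzureADPreview)) {
    Install-Module -Name AzureADPreview -Force -AllowClobber -Scope CurrentUser
}

# Import the module
Import-Module AzureADPreview

# Connect to Azure AD (you will be prompted for credentials).
# Use an account that can read sign-in logs; a read-only reporting role is
# enough for this report, so avoid signing in with a full administrator.
Connect-AzureAD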
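# Read the guest list. The CSV is expected to carry an 'email' column.
# Stop here if the file cannot be read, rather than exporting an empty report.
$csvPath = "C:\Report\AllGuestUsers.CSV"
$csvData = Import-Csv -Path $csvPath -ErrorAction Stop

# The query below has no date filter, so the look-back window is whatever the
# tenant retains for sign-in logs (the "30 days" in the title depends on that
# retention, which varies with licensing).
# NOTE(review): guest UPNs usually look like 'name_domain#EXT#@tenant', so the
# 'email' column must hold a value that is really a prefix of the UPN for
# startsWith to match. Confirm against the CSV export.
$results = foreach ($row in $csvData) {
    $email = $row.email

    # An empty prefix would match every sign-in in the tenant and report a
    # false 'Found', so blank rows are skipped.
    if ([string]::IsNullOrWhiteSpace($email)) {
        Write-Warning "Skipping a row with no email value."
        continue
    }

    $email = $email.Trim()
    Write-Host  $email -ForegroundColor Green

    # Double any single quote so a CSV value cannot break out of the OData
    # string literal and change the filter.
    $escapedEmail = $email.Replace("'", "''")

    try {
        # Only existence matters, so one record is enough (-Top 1); this also
        # keeps the per-user calls small. -ErrorAction Stop turns a throttled
        # or failed query into a catchable error instead of an empty result.
        $signInLogs = @(Get-AzureADAuditSignInLogs -Filter "startsWith(userPrincipalName, '$escapedEmail')" -Top 1 -ErrorAction Stop)
        $status = if ($signInLogs.Count -gt 0) { 'Found' } else { 'Not Found' }
    }
    catch {
        # A failed query must not be reported as 'Not Found': that status may
        # later be used to decide which guest accounts get disabled.
        Write-Warning "Sign-in log query failed for ${email}: $($_.Exception.Message)"
        $status = 'Error'
    }

    # Emit one result row; foreach collects them without the O(n^2) cost of
    # growing an array with += on every iteration.
    [PSCustomObject]@{
        Email  = $email
        Status = $status
    }
}

# Export results to CSV
$results | Export-Csv -Path "C:\Report\Results.csv" -NoTypeInformation

# Display a confirmation message
Write-Output "Results exported to Results.csv"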

Disable guest account from Azure AD reading CSV file

# This PowerShell script reads a CSV file containing a list of User Principal Names (not email addresses)
# and disables each matching account in Azure AD

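# Install the AzureAD PowerShell module only if it is not already present.
# An unconditional -Force reinstall would fetch code from the gallery on every
# run and suppress the repository trust prompt.
if (-not (Get-Module -ListAvailable -Name AzureAD)) {
    Install-Module -Name AzureAD -Force -AllowClobber -Scope CurrentUser
}

# Import the AzureAD module
Import-Module AzureAD

# Connect to Azure AD.
# This script changes accounts, so sign in with an account whose role is
# limited to user management rather than a full administrator.
Connect-AzureAD # -Credential $credential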

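# Specify the path to your CSV file. It must carry a 'UserPrincipalName' column.
# Everyone listed in this file gets disabled, so review the file and restrict
# write access to it before each run.
$csvFilePath = "C:\Report\Final\UserPrinicpalList.csv"

# Read the CSV file; stop if it cannot be read.
$csvData = Import-Csv -Path $csvFilePath -ErrorAction Stop

# Iterate through each row in the CSV
foreach ($row in $csvData) {
    $upn = $row.UserPrincipalName

    # Skip blank rows instead of sending an empty UPN to the directory.
    if ([string]::IsNullOrWhiteSpace($upn)) {
        Write-Warning "Skipping a row with no UserPrincipalName value."
        continue
    }

    # Double any single quote so a CSV value cannot alter the OData filter.
    $escapedUpn = $upn.Replace("'", "''")

    # Get the user object from Azure AD
    $azureADUser = Get-AzureADUser -Filter "UserPrincipalName eq '$escapedUpn'"

    if ($azureADUser) {
        # This script is meant for guest accounts only. A member UPN that
        # slipped into the CSV is reported and left untouched.
        if ($azureADUser.UserType -ne 'Guest') {
            Write-Warning "$upn is not a guest account (UserType '$($azureADUser.UserType)'); skipped."
            continue
        }

        Write-Host  $upn -ForegroundColor Green

        try {
            # Disable the user account. Only AccountEnabled is written; the
            # UPN is not re-sent. -ErrorAction Stop keeps a failed update
            # from being reported as success.
            Set-AzureADUser -ObjectId $azureADUser.ObjectId -AccountEnabled $false -ErrorAction Stop

            # The original printed $email here, which this script never sets.
            Write-Host "Azure AD account for $upn has been disabled."
        }
        catch {
            Write-Warning "Failed to disable ${upn}: $($_.Exception.Message)"
        }
    } else {
        Write-Host  $upn -ForegroundColor Red
        Write-Host "User with email $upn not found in Azure AD."
    }
}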
