Last active
November 29, 2021 17:56
-
-
Save merill/2238812c8007601b5c1b36b2e7cb8b7e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Install-Module Microsoft.Graph | |
Import-Module Microsoft.Graph | |
Connect-MgGraph | |
Select-MgProfile -Name beta | |
Get-MgUser -All -Filter "userType eq 'Guest'" -Select "mail,userPrincipalName,signInActivity" | Select-Object -Property mail,@{Name = 'LastSignIn'; Expression = {$_.signInActivity.lastSignInDateTime}} |
User.Read should do it. Can you share the error you are seeing?
Hi @merill, thanks for getting back to me. There was no error, just an absence of data for that property.
I'm new to the graph module so didn't look at the syntax, especially since it wasn't giving an error. But I've managed to make it work now. I wonder has something changed in the module as -Select
doesn't appear to be a parameter of Get-MgUser
(docs).
The following works (even without the scope):
Connect-MgGraph -Scopes "User.Read"
Select-MgProfile -Name beta
Get-MgUser -All -Filter "userType eq 'Guest'" -Property signInActivity | Select-Object -Property mail,@{Name = 'LastSignIn'; Expression = {$_.signInActivity.lastSignInDateTime}}
It's interesting because I couldn't get signInActivity to return using the Graph Explorer unless I consented to AuditLog.Read.All (and maybe some of the others). I might have to revisit that and see if that's really true.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for sharing this, this looks exactly what I need for my tenant right now.
However I can't get it to return signInActivity. I can in Graph Explorer, just not with Get-MgUser.
Do you know what scopes it requires?
I've tried a number of combinations including variations of the following (some taken from what I can see consented in Graph Explorer).
"User.Read", "User.Read.All", "AuditLog.Read.All", "Directory.Read.All", "email", "openid", "profile"
I'm using Microsoft.Graph 1.9.0 and am signed in as a Global Admin