We are trying to find a way where we can collect inactive users for 6 months on Azure AD and disable them in the Azure AD. We have tried some scripts but still no luck. Does any one has any tricks or idea for this?
Regards,
Harsha
Edited bylusha_76Wednesday, April 29, 2020 9:49 AM
<#
.SYNOPSIS
Check for stale Azure, Guest, or B2B accounts
.PARAMETER Credential
Specify a credential to use when connecting to Azure AD.
.PARAMETER InstallRequiredModules
This script requires the Get-AzureADPolicy cmdlet, which is only available in
the AzureADPreview module. If the module is not installed or not available,
you can use either the MaxInactiveTime parameter or use the default of 90 days
.PARAMETER Logfile
Log events for script execution.
.PARAMETER MaxInactiveTime
Use this parameter to specify the MaxInactiveTime value for your tenant. This is
token refresh value. The default value for Azure Active Directory is 90 days.
You cannot view, add, or modify an Azure AD policy without the AzureADPreview
module. If you do not want to install the module, you can use the default for
this parameter or specify your own value.
.PARAMETER Output
Specify the output file listing stale acccounts.
.PARAMETER StaleAgeInDays
Use this parameter to specify how many days past the refresh token an account
can be inactive before marking it stale.
.EXAMPLE
.\Get-AzureADStaleUsers.ps1 -MaxInactiveTime 30 -StaleAgeInDays 180
Return all objects that have not generated a refresh token in 210 days.
#>
