diff --git a/Export Entra Users/GetEntraUsersDetails.ps1 b/Export Entra Users/GetEntraUsersDetails.ps1 new file mode 100644 index 0000000..3aeb536 --- /dev/null +++ b/Export Entra Users/GetEntraUsersDetails.ps1 @@ -0,0 +1,186 @@ +<# +============================================================================================= + +Name : Export all users in Microsoft 365 Using PowerShell +Version : 1.0 +website : o365reports.com + +----------------- +Script Highlights +----------------- +1. The script automatically verifies and installs the Microsoft Graph PowerShell SDK module (if not installed already) upon your confirmation. +2. Exports all users from Microsoft Entra. +3. Allows filtering and exporting users that match the selected filters. + -> Guest users + -> Sign-in enabled users + -> Sign-in blocked users + -> License assigned users + -> Users without any license + -> Users without a manager +4. Identifies recently created users in Microsoft Entra (e.g., within the last n days). +5. Exports the report result to CSV. +6. The script can be executed with an MFA enabled account too. +7. It can be executed with Certificate-based Authentication (CBA) too. +8. The script is schedular-friendly.   + +For detailed Script execution: https://o365reports.com/2025/04/15/export-all-entra-users-using-powershell/ +============================================================================================ +\#> +Param +( + [switch]$CreateSession, + [string]$TenantId, + [string]$ClientId, + [string]$CertificateThumbprint, + [int]$RecentlyCreatedUsers, + [Switch]$GuestUsersOnly, + [Switch]$EnabledUsersOnly, + [Switch]$DisabledUsersOnly, + [Switch]$LicensedUsersOnly, + [Switch]$UnlicensedUsersOnly, + [Switch]$UnmanagedUsers + +) +Function Connect_MgGraph +{ + #Check for module installation + $Module=Get-Module -Name Microsoft.Graph -ListAvailable + if($Module.count -eq 0) + { + Write-Host Microsoft Graph PowerShell SDK is not available -ForegroundColor yellow + $Confirm= Read-Host Are you sure you want to install module? [Y] Yes [N] No + if($Confirm -match "[yY]") + { + Write-host "Installing Microsoft Graph PowerShell module..." + Install-Module Microsoft.Graph -Repository PSGallery -Scope CurrentUser -AllowClobber -Force + } + else + { + Write-Host "Microsoft Graph PowerShell module is required to run this script. Please install module using Install-Module Microsoft.Graph cmdlet." + Exit + } + } + #Disconnect Existing MgGraph session + if($CreateSession.IsPresent) + { + Disconnect-MgGraph | Out-Null + } + + + Write-Host Connecting to Microsoft Graph... + if(($TenantId -ne "") -and ($ClientId -ne "") -and ($CertificateThumbprint -ne "")) + { + Connect-MgGraph -TenantId $TenantId -AppId $ClientId -CertificateThumbprint $CertificateThumbprint -NoWelcome + } + else + { + Connect-MgGraph -Scopes "User.Read.All", "Directory.Read.All" -NoWelcome + } +} +Connect_MgGraph + + +$Location=Get-Location +$ExportCSV = "$Location\EntraUsers_Report_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm-ss` tt).ToString()).csv" +$Count=0 +$PrintedUsers=0 +$RequiredProperties=@('UserPrincipalName','LastPasswordChangeDateTime','AccountEnabled','Country','Department','Jobtitle','SigninActivity','DisplayName','UserType','CreatedDateTime') + +Write-Host Generating Entra users report... +Get-MgUser -All -Property $RequiredProperties | foreach { + $Print=1 + $UPN=$_.UserPrincipalName + $DisplayName=$_.DisplayName + $Count++ + Write-Progress -Activity "`n Processed users: $Count - $UPN " + $LastPwdSet=$_.LastPasswordChangeDateTime + $AccountEnabled=$_.AccountEnabled + if($AccountEnabled -eq $true) + { + $SigninStatus="Allowed" + } + else + { + $SigninStatus="Denied" + } + + $SKUs = (Get-MgUserLicenseDetail -UserId $UPN).SkuPartNumber + $Sku= $SKUs -join "," + $Department=$_.Department + $JobTitle=$_.JobTitle + $LastSigninTime=($_.SignInActivity).LastSignInDateTime + $LastNonInteractiveSignIn=($_.SignInActivity).LastNonInteractiveSignInDateTime + $Manager=(Get-MgUserManager -UserId $UPN -ErrorAction SilentlyContinue) + $ManagerDetails=$Manager.AdditionalProperties + $ManagerName=$ManagerDetails.userPrincipalName + $Country= $_.Country + $CreationTime=$_.CreatedDateTime + $CreatedSince=(New-TimeSpan -Start $CreationTime).Days + $UserType=$_.UserType + + #Filter for guest users + if($GuestUsersOnly.IsPresent -and ($UserType -ne "Guest")) + { + $Print=0 + } + #Filter for recently created users + if(($RecentlyCreatedUsers -ne "") -and ($CreatedSince -gt $RecentlyCreatedUsers)) + { + $Print=0 + } + #Filter for sign-in allowed users + if($EnabledUsersOnly.IsPresent -and ($AccountEnabled -eq $false)) + { + $Print=0 + } + #Filter for sign-in disabled users + if($DisabledUsersOnly.IsPresent -and ($AccountEnabled -eq $true)) + { + $Print=0 + } + #Filter for licensed users + if(($LicensedUsersOnly.IsPresent) -and ($Sku.Length -eq 0)) + { + $Print=0 + } + #Filter for unlicensed users + if(($UnlicensedUsersOnly.IsPresent) -and ($Sku.Length -ne 0)) + { + $Print=0 + } + #Filter for users withour manager + if(($UnmanagedUsers.IsPresent) -and ($Manager -ne $null)) + { + $Print=0 + } + + #Export users based on the given criteria + if($Print -eq 1) + { + $PrintedUsers++ + $Result=[PSCustomObject]@{'Name'=$UPN;'Display Name'=$DisplayName;'User Type'=$UserType;'Sign-in Status'=$SigninStatus;'License'=$SKU;'Department'=$Department;'Job Title'=$JobTitle;'Country'=$Country;'Manager'=$ManagerName;'Pwd Last Change Date'=$LastPwdSet;'Last Signin Date'=$LastSigninTime;'Last Non-interactive Signin Date'=$LastNonInteractiveSignIn;'Creation Time'=$CreationTime} + $Result | Export-Csv -Path $ExportCSV -Notype -Append + } +} + +Disconnect-MgGraph | Out-Null +Write-Host `n~~ Script prepared by AdminDroid Community ~~`n -ForegroundColor Green +Write-Host "~~ Check out " -NoNewline -ForegroundColor Green; Write-Host "admindroid.com" -ForegroundColor Yellow -NoNewline; Write-Host " to get access to 1800+ Microsoft 365 reports. ~~" -ForegroundColor Green `n`n + +#Open Output file after execution + if((Test-Path -Path $ExportCSV) -eq "True") + { + Write-Host `The exported report contains $PrintedUsers users. + Write-Host `nEntra users report available in: -NoNewline -Foregroundcolor Yellow; Write-Host $ExportCSV + $Prompt = New-Object -ComObject wscript.shell + $UserInput = $Prompt.popup("Do you want to open output file?",` + 0,"Open Output File",4) + If ($UserInput -eq 6) + { + Invoke-Item "$ExportCSV" + } + } + else + { + Write-Host No users found for the given criteria. + } \ No newline at end of file