Microsoft 365 Users' Password Expiry Date report

Included users' last sign-in date and inactive days
AdminDroid 2024-05-27 19:07:49 +05:30
parent b8b08145f0
commit 7dfd4da739


@ -1,19 +1,25 @@
<# <#
============================================================================================= =============================================================================================
Name: Export Office 365 Users Last Password Change Date using MS Graph Name: Microsoft 365 password expiry reports
Description: Export Office 365 Users Last Password Change Date and expiry date using MS Graph
website: o365reports.com website: o365reports.com
Script by: O365Reports Team Version: 5.1
Version: 5.0
Script Highlights:  Script Highlights: 
~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~
#. A single script allows you to generate 7 different password reports.  1. A single script allows you to generate 7 different password reports. 
#. The script uses MS Graph PowerShell and installs MS Graph PowerShell SDK (if not installed already) upon your confirmation.  #.Export all users and their last password change and expiry date
#. It can be executed with certificate-based authentication (CBA) too. #.List users with password never expiry
#. The script can be executed with MFA enabled accounts too  #.Exports password expired users
#. Exports output to CSV  #.helps to find soon-to-expire password users
#. You can filter result to display Licensed users alone  #.Helps to track recent password changers, etc
#. The script is scheduler friendly. I.e., Credential can be passed as a parameter instead of saving inside the script.  2. Generates pwd reports for all or Licensed users alone 
3. Gnerates pwd reports for all or sign-in enabled users alone
4. The script uses MS Graph PowerShell and installs MS Graph PowerShell SDK (if not installed already) upon your confirmation. 
5. It can be executed with certificate-based authentication (CBA) too.
6. The script can be executed with MFA enabled accounts too 
7. Exports output to CSV 
8. The script is supports certificate-based authetication
For detailed Script execution: https://o365reports.com/2020/02/17/export-office-365-users-last-password-change-date-to-csv For detailed Script execution: https://o365reports.com/2020/02/17/export-office-365-users-last-password-change-date-to-csv
============================================================================================ ============================================================================================
@ -49,6 +55,7 @@ if($MsGraphBetaModule -eq $null)
Exit Exit
} }
} }
Write-Host "Connecting to MS Graph PowerShell..."
if(($TenantId -ne "") -and ($ClientId -ne "") -and ($CertificateThumbprint -ne "")) if(($TenantId -ne "") -and ($ClientId -ne "") -and ($CertificateThumbprint -ne ""))
{ {
Connect-MgGraph -TenantId $TenantId -AppId $ClientId -CertificateThumbprint $CertificateThumbprint -ErrorAction SilentlyContinue -ErrorVariable ConnectionError|Out-Null Connect-MgGraph -TenantId $TenantId -AppId $ClientId -CertificateThumbprint $CertificateThumbprint -ErrorAction SilentlyContinue -ErrorVariable ConnectionError|Out-Null
@ -67,15 +74,15 @@ else
Exit Exit
} }
} }
Write-Host "Microsoft Graph Beta Powershell module is connected successfully" -ForegroundColor Green
Write-Host "`nNote: If you encounter module related conflicts, run the script in a fresh Powershell window." -ForegroundColor Yellow
$UserCount = 0 $UserCount = 0
$PrintedUser = 0 $PrintedUser = 0
$Result = "" $Result = ""
$PwdPolicy=@{} $PwdPolicy=@{}
#Output file declaration #Output file declaration
$ExportCSV = ".\PasswordExpiryReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm` tt).ToString()).csv" $Location=Get-Location
$ExportCSV = "$Location\PasswordExpiryReport_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm-ss` tt).ToString()).csv"
#Getting Password policy for the domain #Getting Password policy for the domain
$Domains = Get-MgBetaDomain #-Status Verified $Domains = Get-MgBetaDomain #-Status Verified
@ -96,13 +103,14 @@ foreach($Domain in $Domains)
} }
$PwdPolicy.Add($Domain.Id,$PwdValidity) $PwdPolicy.Add($Domain.Id,$PwdValidity)
} }
Write-Host Generating report... -ForegroundColor Magenta Write-Host "Generating M365 users' password expiry report..." -ForegroundColor Magenta
#Loop through each user #Loop through each user
Get-MgBetaUser -All -Property DisplayName,UserPrincipalName,LastPasswordChangeDateTime,PasswordPolicies,AssignedLicenses,AccountEnabled | foreach{ Get-MgBetaUser -All -Property DisplayName,UserPrincipalName,LastPasswordChangeDateTime,PasswordPolicies,AssignedLicenses,AccountEnabled,SigninActivity | foreach{
$UPN = $_.UserPrincipalName $UPN = $_.UserPrincipalName
$DisplayName = $_.DisplayName $DisplayName = $_.DisplayName
[boolean]$Federated = $false [boolean]$Federated = $false
$UserCount++ $UserCount++
Write-Progress -Activity "`n Processed user count: $UserCount "`n" Currently Processing: $DisplayName"
#Remove external users #Remove external users
if($UPN -like "*#EXT#*") if($UPN -like "*#EXT#*")
{ {
@ -111,8 +119,19 @@ Get-MgBetaUser -All -Property DisplayName,UserPrincipalName,LastPasswordChangeDa
$PwdLastChange = $_.LastPasswordChangeDateTime $PwdLastChange = $_.LastPasswordChangeDateTime
$PwdPolicies = $_.PasswordPolicies $PwdPolicies = $_.PasswordPolicies
$LicenseStatus = $_.AssignedLicenses $LicenseStatus = $_.AssignedLicenses
$LastSignInDate=$_.SignInActivity.LastSignInDateTime
#Calculate Inactive days
if($LastSignInDate -eq $null)
{
$LastSignInDate="Never Logged-in"
$InactiveDays= "-"
}
else
{
$InactiveDays= (New-TimeSpan -Start $LastSignInDate).Days
}
$Print = 0 $Print = 0
Write-Progress -Activity "`n Processed user count: $UserCount "`n" Currently Processing: $DisplayName"
if($LicenseStatus -ne $null) if($LicenseStatus -ne $null)
{ {
$LicenseStatus = "Licensed" $LicenseStatus = "Licensed"
@ -216,7 +235,7 @@ Get-MgBetaUser -All -Property DisplayName,UserPrincipalName,LastPasswordChangeDa
} }
$PrintedUser++ $PrintedUser++
#Export result to csv #Export result to csv
$Result = [PSCustomObject]@{'Display Name'=$_.DisplayName;'User Principal Name'=$UPN;'Pwd Last Change Date'=$PwdLastChange;'Days since Pwd Last Set'=$PwdSinceLastSet;'Pwd Expiry Date'=$PwdExpiryDate;'Friendly Expiry Time'=$PwdExpireIn ;'License Status'=$LicenseStatus;'Days since Expiry(-) / Days to Expiry(+)'=$PwdExpiresIn;'Account Status'=$AccountStatus} $Result = [PSCustomObject]@{'Display Name'=$_.DisplayName;'User Principal Name'=$UPN;'Pwd Last Change Date'=$PwdLastChange;'Days since Pwd Last Set'=$PwdSinceLastSet;'Pwd Expiry Date'=$PwdExpiryDate;'Friendly Expiry Time'=$PwdExpireIn ;'Days since Expiry(-) / Days to Expiry(+)'=$PwdExpiresIn;'License Status'=$LicenseStatus;'Account Status'=$AccountStatus;'Last Sign-in Date'=$LastSignInDate;'Inactive Days'=$InactiveDays}
$Result | Export-Csv -Path $ExportCSV -Notype -Append $Result | Export-Csv -Path $ExportCSV -Notype -Append
} }
if($UserCount -eq 0) if($UserCount -eq 0)
@ -227,6 +246,9 @@ else
{ {
Write-Host "`nThe output file contains " -NoNewline Write-Host "`nThe output file contains " -NoNewline
Write-Host $PrintedUser users. -ForegroundColor Green Write-Host $PrintedUser users. -ForegroundColor Green
Write-Host `n~~ Script prepared by AdminDroid Community ~~`n -ForegroundColor Green
Write-Host "~~ Check out " -NoNewline -ForegroundColor Green; Write-Host "admindroid.com" -ForegroundColor Yellow -NoNewline; Write-Host " to get access to 1800+ Microsoft 365 reports. ~~" -ForegroundColor Green `n`n
if((Test-Path -Path $ExportCSV) -eq "True") if((Test-Path -Path $ExportCSV) -eq "True")
{ {
Write-Host `n "The Output file availble in:" -NoNewline -ForegroundColor Yellow; Write-Host "$ExportCSV" `n Write-Host `n "The Output file availble in:" -NoNewline -ForegroundColor Yellow; Write-Host "$ExportCSV" `n
@ -239,7 +261,5 @@ else
} }
} }
} }
Write-Host `n~~ Script prepared by AdminDroid Community ~~`n -ForegroundColor Green
Write-Host "~~ Check out " -NoNewline -ForegroundColor Green; Write-Host "admindroid.com" -ForegroundColor Yellow -NoNewline; Write-Host " to get access to 1800+ Microsoft 365 reports. ~~" -ForegroundColor Green `n`n
Disconnect-MgGraph | Out-Null Disconnect-MgGraph | Out-Null
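Review bot: The new `if($LastSignInDate -eq $null)` branch writes "Never Logged-in" based on `SignInActivity.LastSignInDateTime` alone, which records interactive sign-ins only, so an account that is active through non-interactive sign-ins is reported as never used, and so is one for which `signInActivity` was not returned at all. Since the 'Inactive Days' column is likely to drive stale-account clean-up, consider also reading `$_.SignInActivity.LastNonInteractiveSignInDateTime` and leaving the field empty when the whole `SignInActivity` property is missing. Adding `SigninActivity` to `Get-MgBetaUser -Property` also requires the `AuditLog.Read.All` permission and an Entra ID P1/P2 tenant. The `Connect-MgGraph` scope list and the app registration used on the certificate path are outside the visible hunks, so confirm both grant it, otherwise the user query may fail and the report comes out empty. A header line such as `# Requires AuditLog.Read.All; LastSignInDateTime covers interactive sign-ins only` would document both points.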