External/powershell-scripts
1
0
Fork 0
mirror of https://github.com/admindroid-community/powershell-scripts.git synced 2025-12-17 16:35:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
powershell-scripts/Export Entra Users/GetEntraUsersDetails.ps1
AdminDroid 469380daee Export Entra Users
2025-04-25 16:22:56 +05:30

186 lines
6.1 KiB
PowerShell
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<#
=============================================================================================
Name : Export all users in Microsoft 365 Using PowerShell
Version : 1.0
website : o365reports.com
-----------------
Script Highlights
-----------------
1. The script automatically verifies and installs the Microsoft Graph PowerShell SDK module (if not installed already) upon your confirmation.
2. Exports all users from Microsoft Entra.
3. Allows filtering and exporting users that match the selected filters.
-> Guest users
-> Sign-in enabled users
-> Sign-in blocked users
-> License assigned users
-> Users without any license
-> Users without a manager
4. Identifies recently created users in Microsoft Entra (e.g., within the last n days).
5. Exports the report result to CSV.
6. The script can be executed with an MFA enabled account too.
7. It can be executed with Certificate-based Authentication (CBA) too.
8. The script is schedular-friendly.  
For detailed Script execution: https://o365reports.com/2025/04/15/export-all-entra-users-using-powershell/
============================================================================================
\#>
Param
(
[switch]$CreateSession,
[string]$TenantId,
[string]$ClientId,
[string]$CertificateThumbprint,
[int]$RecentlyCreatedUsers,
[Switch]$GuestUsersOnly,
[Switch]$EnabledUsersOnly,
[Switch]$DisabledUsersOnly,
[Switch]$LicensedUsersOnly,
[Switch]$UnlicensedUsersOnly,
[Switch]$UnmanagedUsers
)
Function Connect_MgGraph
{
#Check for module installation
$Module=Get-Module -Name Microsoft.Graph -ListAvailable
if($Module.count -eq 0)
{
Write-Host Microsoft Graph PowerShell SDK is not available -ForegroundColor yellow
$Confirm= Read-Host Are you sure you want to install module? [Y] Yes [N] No
if($Confirm -match "[yY]")
{
Write-host "Installing Microsoft Graph PowerShell module..."
Install-Module Microsoft.Graph -Repository PSGallery -Scope CurrentUser -AllowClobber -Force
}
else
{
Write-Host "Microsoft Graph PowerShell module is required to run this script. Please install module using Install-Module Microsoft.Graph cmdlet."
Exit
}
}
#Disconnect Existing MgGraph session
if($CreateSession.IsPresent)
{
Disconnect-MgGraph | Out-Null
}
Write-Host Connecting to Microsoft Graph...
if(($TenantId -ne "") -and ($ClientId -ne "") -and ($CertificateThumbprint -ne ""))
{
Connect-MgGraph -TenantId $TenantId -AppId $ClientId -CertificateThumbprint $CertificateThumbprint -NoWelcome
}
else
{
Connect-MgGraph -Scopes "User.Read.All", "Directory.Read.All" -NoWelcome
}
}
Connect_MgGraph
$Location=Get-Location
$ExportCSV = "$Location\EntraUsers_Report_$((Get-Date -format yyyy-MMM-dd-ddd` hh-mm-ss` tt).ToString()).csv"
$Count=0
$PrintedUsers=0
$RequiredProperties=@('UserPrincipalName','LastPasswordChangeDateTime','AccountEnabled','Country','Department','Jobtitle','SigninActivity','DisplayName','UserType','CreatedDateTime')
Write-Host Generating Entra users report...
Get-MgUser -All -Property $RequiredProperties | foreach {
$Print=1
$UPN=$_.UserPrincipalName
$DisplayName=$_.DisplayName
$Count++
Write-Progress -Activity "`n Processed users: $Count - $UPN "
$LastPwdSet=$_.LastPasswordChangeDateTime
$AccountEnabled=$_.AccountEnabled
if($AccountEnabled -eq $true)
{
$SigninStatus="Allowed"
}
else
{
$SigninStatus="Denied"
}
$SKUs = (Get-MgUserLicenseDetail -UserId $UPN).SkuPartNumber
$Sku= $SKUs -join ","
$Department=$_.Department
$JobTitle=$_.JobTitle
$LastSigninTime=($_.SignInActivity).LastSignInDateTime
$LastNonInteractiveSignIn=($_.SignInActivity).LastNonInteractiveSignInDateTime
$Manager=(Get-MgUserManager -UserId $UPN -ErrorAction SilentlyContinue)
$ManagerDetails=$Manager.AdditionalProperties
$ManagerName=$ManagerDetails.userPrincipalName
$Country= $_.Country
$CreationTime=$_.CreatedDateTime
$CreatedSince=(New-TimeSpan -Start $CreationTime).Days
$UserType=$_.UserType
#Filter for guest users
if($GuestUsersOnly.IsPresent -and ($UserType -ne "Guest"))
{
$Print=0
}
#Filter for recently created users
if(($RecentlyCreatedUsers -ne "") -and ($CreatedSince -gt $RecentlyCreatedUsers))
{
$Print=0
}
#Filter for sign-in allowed users
if($EnabledUsersOnly.IsPresent -and ($AccountEnabled -eq $false))
{
$Print=0
}
#Filter for sign-in disabled users
if($DisabledUsersOnly.IsPresent -and ($AccountEnabled -eq $true))
{
$Print=0
}
#Filter for licensed users
if(($LicensedUsersOnly.IsPresent) -and ($Sku.Length -eq 0))
{
$Print=0
}
#Filter for unlicensed users
if(($UnlicensedUsersOnly.IsPresent) -and ($Sku.Length -ne 0))
{
$Print=0
}
#Filter for users withour manager
if(($UnmanagedUsers.IsPresent) -and ($Manager -ne $null))
{
$Print=0
}
#Export users based on the given criteria
if($Print -eq 1)
{
$PrintedUsers++
$Result=[PSCustomObject]@{'Name'=$UPN;'Display Name'=$DisplayName;'User Type'=$UserType;'Sign-in Status'=$SigninStatus;'License'=$SKU;'Department'=$Department;'Job Title'=$JobTitle;'Country'=$Country;'Manager'=$ManagerName;'Pwd Last Change Date'=$LastPwdSet;'Last Signin Date'=$LastSigninTime;'Last Non-interactive Signin Date'=$LastNonInteractiveSignIn;'Creation Time'=$CreationTime}
$Result | Export-Csv -Path $ExportCSV -Notype -Append
}
}
Disconnect-MgGraph | Out-Null
Write-Host `n~~ Script prepared by AdminDroid Community ~~`n -ForegroundColor Green
Write-Host "~~ Check out " -NoNewline -ForegroundColor Green; Write-Host "admindroid.com" -ForegroundColor Yellow -NoNewline; Write-Host " to get access to 1800+ Microsoft 365 reports. ~~" -ForegroundColor Green `n`n
#Open Output file after execution
if((Test-Path -Path $ExportCSV) -eq "True")
{
Write-Host `The exported report contains $PrintedUsers users.
Write-Host `nEntra users report available in: -NoNewline -Foregroundcolor Yellow; Write-Host $ExportCSV
$Prompt = New-Object -ComObject wscript.shell
$UserInput = $Prompt.popup("Do you want to open output file?",`
0,"Open Output File",4)
If ($UserInput -eq 6)
{
Invoke-Item "$ExportCSV"
}
}
else
{
Write-Host No users found for the given criteria.
}
Reference in New Issue View Git Blame Copy Permalink