Something slightly different but still useful for some of us. The commands shown below are a pretty straightforward way to retrieve some information using PowerShell. The cmdlets below could be useful if you want to build an automated reporting e-mail/Teams message for daily reports, for example. The examples below could be used as a starting point.
I have not found time (yet) to build an automated reporting tool/script, but the cmdlets I would be using are pretty useful, so I might as well share these already. That’s basically everything in this blog. 🙂
Want to know more about MG Graph? Read the official Get Started documentation here: Get started with the Microsoft Graph PowerShell SDK | Microsoft Learn
Requirements
Install the PowerShell module using the following cmdlet.
Install-Module Microsoft.Graph -Scope AllUsers
Retrieve newly created Entra ID users
The cmdlet/script below shows users created in the last day. This can be changed to however many days you like: simply modify the (Get-Date).AddDays(-1) value to something else.
#Generate output of newly created users where .AddDays(-1) counts as the days from now.
# Authenticate to Microsoft Graph
Connect-MgGraph -Scopes "User.Read.All"
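# Query for newly created users. The trailing Z marks the timestamp as UTC, so convert the local time first.
# -All pages through every result instead of returning only the first page.
$newUsers = Get-MgUser -All -Filter "CreatedDateTime ge $((Get-Date).ToUniversalTime().AddDays(-1).ToString('s'))Z"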
Write-Output $newUsers
Retrieve newly created Entra ID groups
The cmdlet/script below shows groups created in the last day. This can be changed to however many days you like: simply modify the (Get-Date).AddDays(-1) value to something else.
#Generate output of newly created groups where .AddDays(-1) counts as the days from now.
# Authenticate to Microsoft Graph
Connect-MgGraph -Scopes "Group.Read.All"
# Query for newly created groups (-All pages through every group, not just the first page)
$newGroups = Get-MgGroup -All | Where-Object { $_.CreatedDateTime -ge $((Get-Date).AddDays(-1)) }
Write-Output $newGroups
Retrieve newly created App Registration or Enterprise App
The cmdlet/script below shows App registrations or Enterprise Apps created in the last day. This can be changed to however many days you like: simply modify the (Get-Date).AddDays(-1) value to something else.
#Generate output of newly created App Registrations where .AddDays(-1) counts as the days from now.
# Authenticate to Microsoft Graph
Connect-MgGraph -Scopes "Application.Read.All"
# Query for newly created app registrations (Get-MgApplication returns application objects)
$Apps = Get-MgApplication -All | Where-Object { $_.CreatedDateTime -ge $((Get-Date).AddDays(-1)) }
Write-Output $Apps
Retrieve all Dynamic groups in Entra ID
The cmdlet/script below shows all Dynamic groups that exist in Entra ID.
#Generate output of all Dynamic groups
# Authenticate to Microsoft Graph
Connect-MgGraph -Scopes "Group.Read.All"
# Query for dynamic groups (GroupTypes is a collection, so test it with -contains)
$DynamicGroups = Get-MgGroup -All | Where-Object { $_.GroupTypes -contains "DynamicMembership" }
Write-Output $DynamicGroups
Retrieve all Stale devices
The script below lists devices with no user logon activity in the last 30 days; change the .AddDays(-30) value to adjust the window. Output is filtered to show only company-owned devices. Personal devices are filtered out.
#Generate output of devices where no user logon activity is found. .AddDays(-30) counts as the days from now.
#Output is filtered to show only company-owned devices. Personal devices are filtered out.
# Authenticate to Microsoft Graph
Connect-MgGraph -Scopes "Device.Read.All"
# Query for possible stale devices: -lt keeps devices whose last sign-in is older than the cutoff
$StaleDevice = Get-MgDevice -All | Where-Object { $_.ApproximateLastSignInDateTime -lt $((Get-Date).AddDays(-30)) -and $_.DeviceOwnership -eq "Company" }
Write-Output $StaleDevice | Format-List DisplayName, ApproximateLastSignInDateTime, EnrollmentProfileName, Id, DeviceId
If you would like to see all devices, including personal ones, this is the one you need.
#Generate output of devices where no user logon activity is found. .AddDays(-30) counts as the days from now.
# Authenticate to Microsoft Graph
Connect-MgGraph -Scopes "Device.Read.All"
# Query for possible stale devices: -lt keeps devices whose last sign-in is older than the cutoff
$StaleDevice = Get-MgDevice -All | Where-Object { $_.ApproximateLastSignInDateTime -lt $((Get-Date).AddDays(-30)) }
Write-Output $StaleDevice | Format-List DisplayName, ApproximateLastSignInDateTime, EnrollmentProfileName, Id, DeviceId
Please note that there’s nothing more than useful MG Graph examples in this blog post. In the future I might use these to receive daily/weekly reports via Teams or e-mail.
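One way the daily report mentioned in the introduction could be assembled, as an added example that is not code from the original post. New-EntraDailyReport and its parameters are hypothetical names, and the input objects are constructed samples shaped like the output of the Get-Mg* cmdlets above, so the block runs without a tenant; it uses a single UTC cutoff for every check and also counts devices with no recorded sign-in as stale.

```powershell
# Added example: builds one report object from objects shaped like Get-Mg* output.
# Function and parameter names are hypothetical; the sample data below is constructed.
function New-EntraDailyReport {
    param(
        [object[]]$Users   = @(),
        [object[]]$Groups  = @(),
        [object[]]$Apps    = @(),
        [object[]]$Devices = @(),
        [int]$NewWithinDays  = 1,
        [int]$StaleAfterDays = 30,
        [datetime]$Now = (Get-Date)
    )
    # Compare everything in UTC so the window does not shift with the local time zone.
    $nowUtc      = $Now.ToUniversalTime()
    $newCutoff   = $nowUtc.AddDays(-$NewWithinDays)
    $staleCutoff = $nowUtc.AddDays(-$StaleAfterDays)
    $isNew = { $_.CreatedDateTime -and ([datetime]$_.CreatedDateTime).ToUniversalTime() -ge $newCutoff }

    [pscustomobject]@{
        GeneratedUtc  = $nowUtc.ToString('s') + 'Z'
        NewUsers      = @($Users  | Where-Object $isNew | ForEach-Object UserPrincipalName)
        NewGroups     = @($Groups | Where-Object $isNew | ForEach-Object DisplayName)
        NewApps       = @($Apps   | Where-Object $isNew | ForEach-Object DisplayName)
        DynamicGroups = @($Groups | Where-Object { $_.GroupTypes -contains 'DynamicMembership' } | ForEach-Object DisplayName)
        # Stale = company-owned and last sign-in older than the cutoff, or never recorded.
        StaleDevices  = @($Devices | Where-Object {
            $_.DeviceOwnership -eq 'Company' -and
            (-not $_.ApproximateLastSignInDateTime -or
             ([datetime]$_.ApproximateLastSignInDateTime).ToUniversalTime() -lt $staleCutoff)
        } | ForEach-Object DisplayName)
    }
}

# Constructed sample data standing in for the output of the Get-Mg* cmdlets.
$utc     = [datetime]::UtcNow
$users   = @([pscustomobject]@{ UserPrincipalName = 'new.user@contoso.example'; CreatedDateTime = $utc.AddHours(-3) },
             [pscustomobject]@{ UserPrincipalName = 'old.user@contoso.example'; CreatedDateTime = $utc.AddDays(-90) })
$groups  = @([pscustomobject]@{ DisplayName = 'All-Laptops'; GroupTypes = @('DynamicMembership'); CreatedDateTime = $utc.AddDays(-200) })
$devices = @([pscustomobject]@{ DisplayName = 'LT-001'; DeviceOwnership = 'Company';  ApproximateLastSignInDateTime = $utc.AddDays(-45) },
             [pscustomobject]@{ DisplayName = 'LT-002'; DeviceOwnership = 'Company';  ApproximateLastSignInDateTime = $utc.AddDays(-2) },
             [pscustomobject]@{ DisplayName = 'PH-003'; DeviceOwnership = 'Personal'; ApproximateLastSignInDateTime = $utc.AddDays(-60) })

# JSON output can be used as the body of a Teams or e-mail message.
New-EntraDailyReport -Users $users -Groups $groups -Devices $devices | ConvertTo-Json -Depth 3
```

Against a real tenant, pass the results of the Get-Mg* cmdlets with -All instead of the sample arrays. Get-MgUser returns only a default property set, so request the fields explicitly with -Property UserPrincipalName,CreatedDateTime.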