Graph_Last_Login_Date.ps1
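# Lists every user in the tenant with the last sign-in date reported by Microsoft Graph
# (signInActivity.lastSignInDateTime), using the OAuth2 client-credentials flow.
# Output: DisplayName, UserPrincipalName, LastLoginDate objects on the pipeline; $result holds the raw user objects.

#Set up
# Client ID of your AAD app. The app needs the User.Read.All and AuditLog.Read.All application permissions.
# NOTE(review): the original comment also listed Directory.Read.All; it is probably not needed for this query.
# Confirm against the Graph permissions reference and grant only what is required.
$AppId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
# The secret file must hold the output of ConvertFrom-SecureString. With no -Key/-SecureKey, ConvertTo-SecureString
# relies on Windows DPAPI, so the file can only be decrypted by the same user on the same machine that created it.
$client_secret = Get-Content '.\Login script\ReportingApiSecret.txt' | ConvertTo-SecureString
$app_cred = New-Object System.Management.Automation.PsCredential($AppId, $client_secret)
$TenantId = "michev.onmicrosoft.com" #your tenant
$body = @{
    client_id     = $AppId
    scope         = "https://graph.microsoft.com/.default"
    # The token endpoint needs the secret in plain text; it exists in clear only inside this hashtable.
    client_secret = $app_cred.GetNetworkCredential().Password
    grant_type    = "client_credentials"
}

#simple code to get an access token, add your own handlers as needed
try { $tokenRequest = Invoke-WebRequest -Method Post -Uri "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" -ContentType "application/x-www-form-urlencoded" -Body $body -UseBasicParsing -ErrorAction Stop }
catch { Write-Host "Unable to obtain access token, aborting..."; return }
$token = ($tokenRequest.Content | ConvertFrom-Json).access_token
# Best effort: drop the reference to the plain-text secret once the token request is done.
$body = $null

#prepare auth header
# The bearer token grants tenant-wide read access until it expires; never log or export $token / $authHeader1.
$authHeader1 = @{
    'Content-Type'  = 'application/json'   # was 'application\json', which is not a valid media type
    'Authorization' = "Bearer $token"
}

#execute the actual query
# Graph returns users in pages and signals further pages through '@odata.nextLink'. Reading only the first
# response silently drops every user beyond the first page, which would hide accounts from a stale-account review.
# NOTE(review): signInActivity is also documented on the v1.0 endpoint; confirm and prefer v1.0 over beta for production use.
$uri = "https://graph.microsoft.com/beta/users?`$select=displayName,userPrincipalName,signInActivity"
$result = @()
while ($uri) {
    # Abort on any failed page instead of reporting a partial user list as if it were complete.
    try { $LastLogin = Invoke-WebRequest -Headers $authHeader1 -Uri $uri -UseBasicParsing -ErrorAction Stop }
    catch { Write-Host "Unable to query the Graph API, aborting..."; return }
    $page = $LastLogin.Content | ConvertFrom-Json
    $result += $page.Value
    $uri = $page.'@odata.nextLink'   # $null on the last page, which ends the loop
}

# LastLoginDate is empty for accounts where Graph returns no signInActivity value.
$result | Select-Object DisplayName,UserPrincipalName,@{n="LastLoginDate";e={$_.signInActivity.lastSignInDateTime}}
# The CSV export below contains account names and sign-in data; store it with restricted access.
#$result | Export-Csv -Path "$((Get-Date).ToString('yyyy-MM-dd_HH-mm-ss'))_LastLoginDate.csv" -NoTypeInformation -Encoding UTF8 -UseCulture
#https://docs.microsoft.com/en-us/graph/api/user-list?view=graph-rest-beta&tabs=http#example-5-list-the-last-sign-in-time-of-users-in-a-specific-time-range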