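# Lists Entra ID accounts that are flagged as synced from on-premises AD but
# whose UserPrincipalName is not present among the on-premises AD users
# ("orphaned" cloud accounts). Each such UPN is written to the host.
#
# Prerequisites not installed by this script: a module providing Get-MgUser and
# Connect-MgGraph (Microsoft Graph PowerShell SDK) and one providing Get-ADUser
# (ActiveDirectory / RSAT).
#
# NOTE(review): matching is by UserPrincipalName only, and Get-ADUser is called
# without -Server, so it queries whichever domain the session defaults to.
# Presumably a UPN change or a user living in another domain would also be
# listed; treat the output as candidates to verify before acting on them.

# Install MSAL.PS (used below to obtain the Graph token) only when it is
# missing, rather than pulling it from the gallery on every run, and keep the
# install in the current user's scope so no elevation is needed.
if (-not (Get-Module -ListAvailable -Name MSAL.PS)) {
    Install-Module -Name MSAL.PS -Scope CurrentUser
}

#Provide your Office 365 Tenant Domain Name or Tenant Id
$TenantId = "XXXXXX"
#Your Azure AppID
$AppClientId="XXXXXXXX"

$MsalParams = @{
    ClientId = $AppClientId
    TenantId = $TenantId
    # Only User.Read.All is requested: the script reads user objects and
    # nothing else, so the AuditLog.Read.All scope was dropped (least privilege).
    Scopes   = "https://graph.microsoft.com/User.Read.All"
}
$MsalResponse = Get-MsalToken @MsalParams
$AccessToken = $MsalResponse.AccessToken

# Hand the token to the Graph SDK; without this the token above is never used
# and Get-MgUser depends on whatever Graph session happens to exist already.
# Connect-MgGraph takes -AccessToken as a SecureString in SDK v2 and as a plain
# string in v1, so the parameter type is checked instead of assuming a version.
$TokenParam = (Get-Command Connect-MgGraph).Parameters['AccessToken']
if ($TokenParam.ParameterType -eq [securestring]) {
    Connect-MgGraph -AccessToken (ConvertTo-SecureString $AccessToken -AsPlainText -Force) | Out-Null
}
else {
    Connect-MgGraph -AccessToken $AccessToken | Out-Null
}

# Entra ID users that are synced from on-premises. Only the UPN is requested.
$EntraID = Get-MgUser -All -Filter "OnPremisesSyncEnabled eq true" -Property UserPrincipalName -ErrorAction Stop

# On-premises Active Directory users. Only the UPN is needed, so the
# "-Properties *" full-attribute pull is replaced by the single property.
$AD = Get-ADUser -Filter * -Properties UserPrincipalName -ErrorAction Stop

# An empty AD result would make every synced Entra ID user look orphaned;
# stop here instead of printing a misleading list.
if (-not $AD) {
    throw "Get-ADUser returned no users; refusing to report every synced Entra ID user as orphaned."
}

# Case-insensitive set of on-premises UPNs for constant-time lookups
# (-notcontains was case-insensitive as well, but rescanned the array per user).
$ADUPN = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
foreach ($AdUser in $AD) {
    if (-not [string]::IsNullOrEmpty($AdUser.UserPrincipalName)) {
        [void]$ADUPN.Add($AdUser.UserPrincipalName)
    }
}

# UPNs of the synced Entra ID users
$EntraIDUPN = $EntraID.UserPrincipalName

# Report every synced Entra ID UPN that has no on-premises counterpart
$EntraIDUPN | ForEach-Object {
    if (-not $ADUPN.Contains($_)) {
        Write-Host "$_"
    }
}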