In this post I am going to share PowerShell script to check if a given office 365 user is blocked to sign-in by using latest Azure AD PowerShell for Graph. We can use Get-AzureADUser cmdlet to get office 365 user information, this command returns the property AccountEnabled and it indicates whether the login status of user is enabled or disabled. Earlier with Old Azure AD powershell command (Get-MsolUser) we had the same attribute with different name BlockCredential.
Before proceed install Azure Active Directory PowerShell for Graph and run the below command to connect Azure AD PowerShell module:
Connect-AzureAD
The below command checks if login status is enabled or blocked for the given azure ad user account:
$user = "[email protected]" $accountEnabled = (Get-AzureADUser -ObjectId $user).AccountEnabled If ($accountEnabled) { Write-Host "$user enabled" } Else { Write-Host "$user disabled" }
Check sign-in status of multiple user accounts
Use the below command to check sign-in status is enabled or blocked for multiple user accounts:
$users = "[email protected]","[email protected]" ForEach ($user in $users) { $accountEnabled = (Get-AzureADUser -ObjectId $user).AccountEnabled If ($accountEnabled) { Write-Host "$user enabled" } Else { Write-Host "$user disabled" }}
Check account status for bulk users from CSV file
The below command gets account status for bulk azure ad users by importing users from CSV file and export the result to csv file.
$Result=@() Import-Csv 'C:\Users.csv' | ForEach-Object { $user = $_."UserPrincipalName" $userObj = Get-AzureADUser -ObjectId $user $Result += New-Object PSObject -property @{ Name = $userObj.DisplayName UserPrincipalName = $userObj.UserPrincipalName AccountEnabled = $userObj.AccountEnabled } } $Result | Export-CSV "C:\AccountStatusReport.csv" -NoTypeInformation -Encoding UTF8
Export all Azure AD users account status to CSV file
The below command gets all office 365 users and exports account enabled status to csv file.
$Result=@() Get-AzureADUser -All $True | ForEach-Object { $Result += New-Object PSObject -property @{ Name = $_.DisplayName UserPrincipalName = $_.UserPrincipalName AccountEnabled = $_.AccountEnabled } } $Result | Export-CSV "C:\AccountStatusReport.csv" -NoTypeInformation -Encoding UTF8