Create Office 365 User Reports with PowerShell. In this post, we will be discussing how to create an Office 365 Users’ report using a PowerShell script.
What is Office 365?
Office 365 is a software as a service offered by Microsoft, which is a subscription-based service that gives access to Microsoft’s productivity applications.
Below are some of the traditional and new Microsoft productivity applications we are familiar with:
Microsoft Word
Microsoft Excel
Microsoft PowerPoint
Microsoft Outlook
Microsoft One Note
Microsoft Publisher
Microsoft Exchange
Microsoft SharePoint
Microsoft Teams
Microsoft OneDrive
Skype for Business
Yammer
These services’ availability is dependent on the subscription/license been purchased and assigned to a user, we will not be discussing subscriptions or licenses in this article.
What is a User Object in Office 365?
For users to have licenses or subscriptions assigned to them they need to have a user object exiting in an Azure Active Directory. We would describe a user object as an object in Azure Active Directory with a userType attribute value defined as Member.
When a user is created in a Tenant, it creates the user object in Azure Active Directory. The user object allows Microsoft services via licenses assigned to it to be available to the user.
We can not overemphasize the importance of auditing in Information Technology as a whole and this article concerning Office 365 Administrators.
Auditing these Office 365 users will assist administrators to know information about the users existing on the Tenant that could help during troubleshooting, onboarding, and separation of users to update internal documentation, and many more.
Below are some of the different types of Office 365 User Reports that administrators run:
A report showing the Creation Date and Time for Office 365 Users
A report showing Users that are Enabled/Disabled in an Office 365 Tenant
Generating Office 365 Users Reports using PowerShell
The Office 365 Administration Portal gives us the ability to generate this report, however, the report generated from the admin portal does not hold some attributes that would be included in our report.
We have listed some Office 365 User reports in this article and we are going to generate a single report that would have all the attributes of those reports and more.
For us to achieve this we will be making use of these two CMDLETS imported from the MSOnline module:
Get-MsolUser: This cmdlet gets the users from Azure Active Directory
Get-MsolUserRole: This cmdlet gets the administrator roles to which an Office 365 User belongs.
Connecting to MsolService
We need to connect to Azure Active Directory before we can query it using the CMDLETS listed above.
The PowerShell script below allows this to be possible:
# Connect to MsolService
Connect-MsolService
Next, there will be a pop-up dialogue box to enter the global administrator credentials:
Exporting Office 365 Users’ Details to csv using PowerShell
Next, we will be creating an Office 365 Users Report which will have a combination of the attributes and more of the previously listed examples of user reports generated by Office 365 Administrators.
The report will have the following parameters in a CSV output file:
Note: Change the $ReportName variable to suit your desired output file path and file name. Also, the “.\” represents the present working directory (you can get this information by running the following cmdlets in your PowerShell session: PWD or Get-Location).
“.\” can be changed to any desired directory on the machine (E.g C:\Windows\)
# set the name of the report alongside the path ".\ relative path"
$ReportName = ".\Office365UsersReport.csv"
# get all office Users
$UsersDetails = Get-MsolUser -All
# set export array
$ExportArray = @()
# loop through each office 365 user
Foreach ($UserDetail in $UsersDetails) {
# set the office 365 user's UserPrincipalName
$UserUpn = $UserDetail.UserPrincipalName.ToString()
# get the office 365 user's role(s)
$UserRoleDetails = Get-MsolUserRole -UserPrincipalName $UserUpn
# set the value of the office 365 user's immutable id
$ImmutableId = $UserDetail.ImmutableId
#region check for the office 365 user's synchronization status
if ($null -eq ($UserDetail.ImmutableId)) {
# set the office 365 user's Synchronization Status
$SynchronizationStatus = "Cloud Only"
}
elseif ($null -ne ($UserDetail.ImmutableId)) {
# get the office 365 user's Synchronization Status
$SynchronizationStatus = "Should Be On-Premise ($ImmutableId)"
}
#endregion check for the office 365 user's synchronization status
# add values to array
$ExportArray += [PSCustomObject][Ordered]@{
# get the office 365 user's display name
"Display Name" = $UserDetail.DisplayName
# get the office 365 user's userprincipalname
"UserPrincipalName" = $UserUpn
# get the office 365 user's First Name
"First Name" = $UserDetail.FirstName
# get the office 365 user's Last Name
"Last Name" = $UserDetail.LastName
# get the office 365 user's creation date
"When Created" = $UserDetail.WhenCreated
# get the office 365 user's mobile number
"Mobile Number" = $UserDetail.MobilePhone
# get the office 365 user's department
"Department" = $UserDetail.Department
# get the office 365 user's city
"City" = $UserDetail.City
# get the office 365 user's usage location
"Usage Location" = $UserDetail.UsageLocation
# get the office 365 user's proxy addresses
"Proxy Addresses" = ($UserDetail.ProxyAddresses | Out-String).Trim()
# get the office 365 user's MFA status
"MFA Status" = $UserDetail.StrongAuthenticationRequirements.state
# get the office 365 user's last password change timestamp
"Last Password Change Timestamp" = $UserDetail.LastPasswordChangeTimestamp
# get the office 365 user's block sign-in status
"Block Sign-In Status" = $UserDetail.BlockCredential
# get the office 365 user's role details
"User Role Details" = ($UserRoleDetails.Name | Out-String).Trim()
# get the office 365 user's Last Directory Sync Time
"Last DirSync Time" = $UserDetail.LastDirSyncTime
# get the office 365 user's Synchronization Status
"Synchronization Status" = $SynchronizationStatus
}
}
# export to csv file
$ExportArray | Export-Csv -Path $ReportName -Delimiter "," -NoTypeInformation
After the report gets generated as a csv file, we will view it using Microsoft Excel and make modifications to achieve a perfect view.
Create Office 365 User Reports with PowerShell Script (Export CSV) Conclustion
In this article we created a Powershell script that allowed you to create Office 365 user reports using Powershell and export to a CSV file. Check out our Office 365 reporting tool that allows you to easily create Office 365 reports and automate these steps easily.
My background is in Cloud Operations, Office 365, Exchange Online, Security & Compliance, Active Directory and Dynamics 365 F&O. I'm a PowerShell Developer and ATTUNE Evangelist. Certified Cyber Security Professional (CSFPC).
51vote
Article Rating
Subscribe
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.