You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/reports-monitoring/howto-manage-inactive-user-accounts.md
+15-3Lines changed: 15 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -28,7 +28,7 @@ The challenge of this method is to define what *for a while* means for your envi
28
28
29
29
The last successful sign-in provides potential insights into a user's continued need for access to resources. It can help with determining if group membership or app access is still needed or could be removed. For external user management, you can understand if an external user is still active within the tenant or should be cleaned up.
30
30
31
-
## How to detect inactive user accounts
31
+
## Detect inactive user accounts with Microsoft Graph
32
32
33
33
You can detect inactive accounts by evaluating the `lastSignInDateTime` property exposed by the `signInActivity` resource type of the **Microsoft Graph API**. The `lastSignInDateTime` property shows the last time a user made a successful interactive sign-in to Azure AD. Using this property, you can implement a solution for the following scenarios:
34
34
@@ -44,9 +44,9 @@ You can detect inactive accounts by evaluating the `lastSignInDateTime` property
44
44
> [!NOTE]
45
45
> When you request the `signInActivity` property while listing users, the maximum page size is 120 users. Requests with $top set higher than 120 will fail. The `signInActivity` property supports `$filter` (`eq`, `ne`, `not`, `ge`, `le`) *but not with any other filterable properties*.
46
46
47
-
## What you need to know
47
+
###What you need to know
48
48
49
-
This section lists several details about the `lastSignInDateTime` property.
49
+
The following details relate to the `lastSignInDateTime` property.
50
50
51
51
- The `lastSignInDateTime` property is exposed by the [signInActivity resource type](/graph/api/resources/signinactivity) of the [Microsoft Graph API](/graph/overview#whats-in-microsoft-graph).
52
52
@@ -67,6 +67,18 @@ This section lists several details about the `lastSignInDateTime` property.
67
67
68
68
- The last sign-in date is associated with the user object. The value is retained until the next sign-in of the user.
69
69
70
+
## How to investigate a single user
71
+
72
+
If you need to view the latest sign-in activity for a user you can view the user's sign-in details in Azure AD. You can also use the Microsoft Graph scenario described in the [previous section](#detect-inactive-user-accounts-with-microsoft-graph).
73
+
74
+
1. Sign in to the [Azure portal](https://portal.azure.com).
75
+
1. Go to **Azure AD** > **Users** > select a user from the list.
76
+
1. In the **My Feed** area of the user's Overview, locate the **Sign-ins** tile.
77
+
78
+
79
+
80
+
The last sign-in date and time shown on this tile may take up to 24 hours to update, which means the date and time may not be current. If you need to see the activity in near real time, select the **See all sign-ins** link on the **Sign-ins** tile to view all sign-in activity for that user.
81
+
70
82
## Next steps
71
83
72
84
*[Get data using the Azure Active Directory reporting API with certificates](tutorial-access-api-with-certificates.md)
0 commit comments