CODEWITHSUNDEEP
sqlazurepowershellazure-active-directory
Vel
Vel

Reputation: 75

Get-AzureADUser - ALL - PowerShell Slow Get all users and users who made changes to account

I am working with Azure AD and need to get all users and export it into csv file and finally put it into SQL.

At this moment we have about 10,000 users. The problem is the PowerShell command [Get-AzureADUser – ALL] it’s SUPER SLOW!! It takes about 58 minutes to complete the task. Today we noticed that some users made changes to their account. I need to update the whole list to find the changes made.

My questions is:

1) Is there a faster way I can get ALL users?

2) How can I only find users who made changes to their account?

Powershell script:

$aadUsers = Get-AzureADUser -All $true | Select DisplayName, ObjectId, userType,GivenName

Upvotes: 1

Views: 16058

Answers (2)

Michael Cannard
Michael Cannard

Reputation: 1

Get-msoluser -all | select DisplayName, ObjectId, userType, FirstName
Get-msoluser -all | select *
Get-msoluser -all | Where {$_.city -eq 'chicago'}

This module seems quite a bit faster.

Upvotes: 0

Jim Xu
Jim Xu

Reputation: 23141

According to my research, if we want to get the users' changes, we have two ways to do that

  1. Track changes to users with Users audit logs.

    We can use Azure AD Powershell command Get-AzureADAuditDirectoryLogs to get Users audit logs. For more details, please refer to https://learn.microsoft.com/en-us/powershell/module/azuread/get-azureadauditdirectorylogs?view=azureadps-2.0-preview

Install-module AzureADPreview
Connect-AzureAD
Get-AzureADAuditDirectoryLogs -All $true -Filter "Category eq 'UserManagement' and result eq 'success'"

enter image description here

  1. Track changes to users with Microsoft Graph delta query The API is as below
Get https://graph.microsoft.com/v1.0/users/delta

For example

GET https://graph.microsoft.com/v1.0/users/delta?$select=displayName,givenName,surname

enter image description here

If your response is too big, it will return @odata.nextLink in the response. Then you can directly use the link to get the next page response. At the last page response, it will return @odata.deltaLink in the response. You can save it and directly use the link to get the changes in next time. For more details, please refer to https://learn.microsoft.com/en-us/graph/delta-query-users

Upvotes: 1

Related Questions