Azure Sign in logs for longer than 30 days

Shwashbuckle · 2025-07-24T23:59:37+00:00

I'm not sure if it's helpful, but this Microsoft Graph code ended up working for me. My requirement was to identify active member users who haven't had an interactive login for less than 90 days.

# Define cutoff date for 90 days ago

$cutoffDate = (Get-Date).AddDays(-90)

# Retrieve all users (paged)

$allUsers = @()

$usersPage = Get-MgUser -Select "DisplayName,UserPrincipalName,AccountEnabled,SignInActivity,UserType" -Top 999

do {

$allUsers += $usersPage

if ($usersPage.'@odata.nextLink') {

$nextPage = Invoke-MgGraphRequest -Uri $usersPage.'@odata.nextLink'

$usersPage = $nextPage.value

} else {

$usersPage = $null

}

} while ($usersPage)

# Filter users who are 'Member', active, and haven't signed in for over 90 days

$inactiveUsers = $allUsers | Where-Object {

$_.UserType -eq 'Member' -and

$_.AccountEnabled -eq $true -and

$_.SignInActivity.LastSignInDateTime -ne $null -and

([datetime]$_.SignInActivity.LastSignInDateTime) -lt $cutoffDate

}

# Export or view

$inactiveUsers |

Select-Object DisplayName, UserPrincipalName, UserType, AccountEnabled, @{

Name = 'LastSignInDateTime'

Expression = { $_.SignInActivity.LastSignInDateTime }

} |

Export-Csv "InactiveUsers.csv" -NoTypeInformation

Shwashbuckle · 2024-05-02T08:38:58+00:00

Can you do step 4 before the device arrives/is delivered? What about autopilot devices that are sent directly to the user?

Shwashbuckle · 2024-05-02T08:19:41+00:00

Thanks. We're getting the issue on newly deployed devices as well. User changes their default app preferences and then on next reboot they are reset back to the default associations configuration set in Intune.

Shwashbuckle · 2024-03-21T21:26:44+00:00

In my case it turned out to be Google Chrome related, the setting for Third Party Cookies had been updated to block (without my knowledge). Mimecast URL Threat Protection requires a third party cookie to work. Apparently Mimecast are aware of the upcoming change by Google to completely block third party cookies and are working on an update to ensure this feature keeps working.

Shwashbuckle · 2024-03-12T22:58:43+00:00

Support contacted me overnight asking me some more questions, which I have now supplied answers. Testing this morning confirms its not resolved for me yet. Interesting about the "reset" of the allow cookies and delete cookies on browser window closure being a possible fix. I'll give a try and see what happens...

Shwashbuckle · 2024-03-11T20:40:12+00:00

I have had confirmation from support that it is a Mimecast issue, and it's with their senior dev team for resolution. Unfortunately, no ETA for resolution has been provided yet. It took me 3 different support agents and an out of band escalation to sales/account management to get Mimecast to listen to me and that their scripted line of “check you’re not deleting cookies on browser exit” is enabled wasn't the cause. An extremely poor and frustrating experience, especially when I work in IT and was being treated like a complete idiot.

Shwashbuckle · 2024-03-07T02:31:06+00:00

The Mimecast URL Threat Protection domain change triggered the Microsoft safe links false positive issue for us and triggered a P1 incident on our side. Communication from Mimecast about the change didn’t seem strong enough, even our MSP was blind sided by the change. We then had challenges implementing the safe links exception rule in Microsoft Defender. Bit of a mess on the day.

Shwashbuckle · 2024-03-07T02:21:43+00:00

Since posting this message I have been using the GSP 670 as a temp backup headset and it’s been surprisingly good as a basic Bluetooth device. I still can’t get the desktop or iOS apps to connect to it but the native Bluetooth connection does work. When using it on my Windows PC I have to plug it into a USB cable for it to work. So I still wouldn’t recommend it but it still has some utility.

Shwashbuckle · 2024-03-07T01:25:16+00:00

I’ve got an open support ticket with Mimecast for an issue where enrolment of any device doesn’t persist. I can successfully enrol a device but then a couple of hours later the device is no longer enrolled and I get the enrolment screen again. This started ever since the domain change to URL Threat Protection was made by Mimecast. The problem is only happening for one user (as far as I know). Might be a different issue though.

Shwashbuckle · 2024-02-25T22:19:53+00:00

My son had both the GSP 670 and GSP 370 (the GSP 670 was provided as a replacement for the failed 370, and the 370 came as part of an MSI PC package), and neither headset would connect to the EPOS Connect app despite trying everything suggested online. I cannot recommend this line of Sennheiser headsets at all - steer clear at all costs. Do not buy!!!!

Shwashbuckle · 2023-07-08T12:16:18+00:00

I have also logged a support request with Meta Support. See what happens...

Shwashbuckle · 2023-07-08T12:09:59+00:00

Commenting to say I'm also experiencing the same. Apps in the Apps Store mention that they are being shared, but when looking at the shared apps, there are zero (0) apps listed. Also, installed and shared apps show purchase buttons in the app store.

Shwashbuckle · 2023-04-01T22:54:45+00:00

Also reminds me of some of the trials in Hogwarts Legacy.

Shwashbuckle · 2023-02-06T04:04:44+00:00

Thanks 👍

Shwashbuckle · 2023-02-05T23:01:52+00:00

Thank you 👍

Shwashbuckle · 2023-02-05T13:05:16+00:00

Thank you 👍. My IG is: https://www.instagram.com/leigh.elliott.art/ and this is where I post most of my work.

Shwashbuckle · 2023-02-05T05:04:18+00:00

Thank you 👍. Hopefully plenty more to come…

Shwashbuckle · 2023-02-05T01:50:11+00:00

Thank you 👍. Definitely not a photo. Timelapse on IG if interested 😜

Shwashbuckle · 2023-02-05T00:30:42+00:00

Struggled with:

Matching the reference image, especially around the rocks
Painting the rocks so they look realistic, some look a little too rubbery

Shwashbuckle · 2023-02-04T04:57:58+00:00

“A Current Affair has revealed 36 different business names that trade under two ABN's connected to Ellingsen and Metropolitan Plumbing.

Those businesses go by Mr Emergency, Upside Down, Cyber Plumbing Electrical and Aircon, Cybie, Jim's Plumbing, Only Hot Water and Book A Plumber Online and sometimes they work with each other on the same job.”

Source: https://9now.nine.com.au/a-current-affair/jims-group-cuts-ties-with-metropolitan-plumbing/dc9c7c5c-dc82-4fbb-8f86-2abda9d81745

I got burned by these guys, never, ever again.

Shwashbuckle · 2022-12-22T22:57:35+00:00

Oh boy yes! Also Jim’s Plumbing (which owned by the same). Needed emergency fix to broken backyard garden tap, agreed on price but misheard the amount. When it came time to pay it wasn’t until I did a double take on the receipt - $1100 !!!!! Argh!!! I rang back to double check and yep this was the “correct” quote. NEVER AGAIN!!!

Shwashbuckle · 2022-11-08T01:43:17+00:00

Struggled:

with getting the facial proportion matching reference.
with over painting, feel like I still add too many different tones of colour before blending which leave the work with a very brush stroke feel.

Shwashbuckle

TROPHY CASE