M365Corner
PowerShell

Fetching Recently Created Users in Microsoft 365 using Graph PowerShell

Microsoft 365 administrators often need to track recently created user accounts for security audits, compliance checks, and IT reporting. By using Microsoft Graph PowerShell, we can efficiently retrieve all users created within the last 90 days and display relevant details such as UserPrincipalName (UPN), Email Address, and Display Name.

This article provides a PowerShell script to fetch and display these users in the console.

PowerShell Script to Fetch Recently Created Users

# Connect to Microsoft Graph (Ensure you have necessary permissions)
Connect-MgGraph -Scopes "User.Read.All"
                                
# Get the date 90 days ago from today
$startDate = (Get-Date).AddDays(-90).ToString("yyyy-MM-ddTHH:mm:ssZ")
                                
# Fetch users created in the last 90 days
$recentUsers = Get-MgUser -All -Filter "createdDateTime ge $startDate" -Property UserPrincipalName, DisplayName, Mail, createdDateTime
                                
# Display results in console
$recentUsers | Select-Object UserPrincipalName, Mail, DisplayName, createdDateTime | Format-Table -AutoSize

How the Script Works

  1. Connects to Microsoft Graph API: The script authenticates using Connect-MgGraph with the User.Read.All permission.
  2. Retrieves the Date 90 Days Ago: Uses Get-Date and converts it to an ISO 8601 timestamp.
  3. Fetches Users Created Within This Timeframe: The -Filter parameter ensures only users created on or after the 90-day mark are retrieved.
  4. Displays User Information: Outputs relevant fields (UserPrincipalName, Mail, DisplayName, createdDateTime) in a formatted table.

Further Enhancements

  • Export to CSV for Reporting: Save the retrieved user list for later analysis.
    • $recentUsers | Select-Object UserPrincipalName, Mail, DisplayName, createdDateTime | Export-Csv -Path "C:\Users\RecentUsers.csv" -NoTypeInformation -Encoding UTF8
  • Filter by Department: Retrieve only users from a specific department.
    • $recentUsers = Get-MgUser -All -Filter "createdDateTime ge $startDate and department eq 'IT'" -Property UserPrincipalName, DisplayName, Mail, createdDateTime
  • Automate the Script for Periodic Audits: Schedule the script in Task Scheduler to run weekly or monthly and send an email report.

Use Cases

  • Security & Compliance: IT teams can track new user accounts to detect unauthorized access attempts. New user accounts should align with internal security policies, and unexpected additions can be flagged for investigation.
  • HR & Onboarding HR teams can use this script to verify that new employees have been successfully added to Microsoft 365. This ensures that newly hired employees have active accounts before their official start date.
  • Licensing & Cost Management: Organizations with limited Microsoft 365 licenses need to monitor newly created users to ensure that they are assigned the correct licenses. This prevents overspending on unnecessary licenses or missing out on required ones.
  • User Auditing & Reporting: IT administrators can generate monthly or quarterly reports on new users to analyze hiring trends, check for anomalies, or assist in internal user audits.
  • Access Control & Permissions Management: By tracking new users, administrators can review their roles and access permissions. This helps in ensuring that new employees are granted the right level of access based on their job responsibilities.
  • Mergers & Acquisitions: When companies merge or acquire new entities, there is often a bulk user migration. This script can help track new user accounts added during the transition phase and ensure that all necessary accounts have been created properly.

Possible Errors & Solutions

Error Cause Solution
Invalid filter clause Incorrect OData syntax in the -Filter parameter Ensure that createdDateTime is formatted correctly (ISO 8601)
Access Denied Insufficient permissions Assign User.Read.All permissions to the connected account
No users returned No users created in the last 90 days Adjust the date range to fetch data for a longer period

Conclusion

This Graph PowerShell script allows Microsoft 365 administrators to efficiently fetch and track newly created users within a specific timeframe. Whether for security audits, HR onboarding, or compliance tracking, this script provides a quick way to retrieve essential user information. By extending it with CSV exports, email notifications, and automation, IT teams can streamline user management processes.

Table of Contents

X

Table of Contents

© m365corner.com. All Rights Reserved. Design by HTML Codex