Adaxes

Check for existing user account after user disable

0 votes

Hello,

When a user is disabled (firstname.lastname@company.com) we would like to to perform a check if a user account "admin-firstname.lastname@company.com" exists in 365/AzureAD/EntraID and send an email with this information. Could this be done with powershell?

Best Regards,

Maarten

by (140 points)

1 Answer

0 votes
by (302k points)
selected by
Best answer

Hello Maarten,

Yes, it is possible. The following SDK article will be helpful: https://www.adaxes.com/sdk/ServerSideScripting.

0

Thanks for the tip. The script below uses Graph API to check for a cloud user matching the user that was just disabled.

# concatenate admin account
$adminuser="admin-%firstname%.%lastname%@yourdomain.com"

#connect to Graph API
$token = $Context.CloudServices.GetAzureAuthAccessToken("https://graph.microsoft.com")
$token = $token | ConvertTo-SecureString -AsPlainText -Force
Connect-MgGraph -AccessToken $token

# E-mail settings
$to = "support@yourdomain.com" 
$subject = "Admin User Found"

if ( Get-MgUser -UserID $adminuser) {
    $body = "User %username% has been disabled and a matching administrator account was found: admin-%firstname%.%lastname%. Check if this adminstrator account also needs to be disabled!"
    $Context.SendMail($to, $subject, $NULL, $body)
}
by (140 points)

Related questions

0 votes
1 answer
I want to be able to set a disable date and time for a user account in the future

This is only to disable user account

asked Apr 18 by Erik Lovlie (20 points)
0 votes
1 answer
After disable user, not user found or show when try enable

After disable user, not user found or show when try to enable...i follow and try many way yet still not showing.. please help i;m using the ... -not-show-disabled-account https://www.adaxes.com/help/PreventUsersFromViewingTheStructure/#change-top-level-node

asked Oct 23, 2023 by kimtienh (20 points)
0 votes
1 answer
Disable Unmanaged Admin account when a user is terminated

We have a custom command that executes to separate/terminate a user. Part of the CC determines if the user has an associated Admin account, which is stored as an Unmanaged ... the user account but we need a way to also disable the associated Admin account.

asked Jul 18, 2023 by sandramnc (870 points)
0 votes
1 answer
Copy group membership from already existing user except for a couple of groups

Is it possible using PowerShell to copy group memberships from an already existing user without copying 2 specific groups named for example test and test 1 ? We are currently ... groups are not included. I can share the PowerShell script if needed. KR, Cas

asked Oct 30, 2023 by Cas (200 points)
0 votes
1 answer
Check for entered value before creating user

Hi there we use personal identity number in one of our customattribute. How would you script this so it checks that the number that we specify when filling out the form ... process should be interupted and we then know that that user already has an account.

asked Jun 19, 2019 by ahok (50 points)
3,697 questions
3,380 answers
8,540 comments
549,707 users