Adaxes

Check for existing user account after user disable

0 votes

Hello,

When a user is disabled (firstname.lastname@company.com) we would like to to perform a check if a user account "admin-firstname.lastname@company.com" exists in 365/AzureAD/EntraID and send an email with this information. Could this be done with powershell?

Best Regards,

Maarten

by (140 points)

1 Answer

0 votes
by (301k points)
selected by
Best answer

Hello Maarten,

Yes, it is possible. The following SDK article will be helpful: https://www.adaxes.com/sdk/ServerSideScripting.

0

Thanks for the tip. The script below uses Graph API to check for a cloud user matching the user that was just disabled.

# concatenate admin account
$adminuser="admin-%firstname%.%lastname%@yourdomain.com"

#connect to Graph API
$token = $Context.CloudServices.GetAzureAuthAccessToken("https://graph.microsoft.com")
$token = $token | ConvertTo-SecureString -AsPlainText -Force
Connect-MgGraph -AccessToken $token

# E-mail settings
$to = "support@yourdomain.com" 
$subject = "Admin User Found"

if ( Get-MgUser -UserID $adminuser) {
    $body = "User %username% has been disabled and a matching administrator account was found: admin-%firstname%.%lastname%. Check if this adminstrator account also needs to be disabled!"
    $Context.SendMail($to, $subject, $NULL, $body)
}
by (140 points)

Related questions

0 votes
1 answer
I want to be able to set a disable date and time for a user account in the future

This is only to disable user account

asked 1 day ago by Erik Lovlie (20 points)
0 votes
1 answer
After disable user, not user found or show when try enable

After disable user, not user found or show when try to enable...i follow and try many way yet still not showing.. please help i;m using the ... -not-show-disabled-account https://www.adaxes.com/help/PreventUsersFromViewingTheStructure/#change-top-level-node

asked Oct 23, 2023 by kimtienh (20 points)
0 votes
1 answer
Disable Unmanaged Admin account when a user is terminated

We have a custom command that executes to separate/terminate a user. Part of the CC determines if the user has an associated Admin account, which is stored as an Unmanaged ... the user account but we need a way to also disable the associated Admin account.

asked Jul 18, 2023 by sandramnc (870 points)
0 votes
1 answer
Copy group membership from already existing user except for a couple of groups

Is it possible using PowerShell to copy group memberships from an already existing user without copying 2 specific groups named for example test and test 1 ? We are currently ... groups are not included. I can share the PowerShell script if needed. KR, Cas

asked Oct 30, 2023 by Cas (200 points)
0 votes
1 answer
Is there a way to update the account expiry after a user logs into a computer?

Hello, I'm trying to create a business rule that will update a user account expiry date when that user logs in for the first time. I'm new to Adaxes, so I don't have a ... updated by a user's action, such as "Last Logon". Is it possible to make this work?

asked Mar 6, 2024 by sjjb2024 (60 points)
3,677 questions
3,361 answers
8,494 comments
549,321 users