0 votes

We use DirSync/AAD Connect (without write-back) and we have some users that use email in the cloud and never authenticate to the on-prem domain controllers. Therefore, we cannot rely on the lastlogondate attribute to report on inactivity for these users. Has anybody come up with a good way in Adaxes to deal with this scenario? I know there are quite a few options to find inactive users in O365, but I'm curious to see if anybody has found which one might work the best in an Adaxes scheduled task for example.

by (540 points)

1 Answer

0 votes
by (216k points)
selected by
Best answer


For this purpose, we recommend using a Business Unit and a Scheduled Task. Business Units are virtual collection of objects grouped together based on a certain criteria. You can create a Business Unit for users who haven't logged on to their Exchange Online mailboxes for a certain period of time. To find such users, you can use a PowerShell script. With the help of a Scheduled Task, you can run the script on a periodical basis to update the Business Unit automatically. For example, you can run it once a day.

Then, you can use the Business Unit everywhere in Adaxes. For example, you can use it in Activity Scopes of Business Rule and Scheduled Tasks or Assignment Scopes of Security Roles.

To implement this, you need to do the following:
I. Create Business Unit
To create a Business Unit that will hold users inactive in Exchange Online, you need to do the following:

  1. In the Console Tree of Adaxes Administration Console, right-click your Adaxes Service and select New \ Business Unit.
  2. Enter a name for it and click Next.
  3. Click Add.
  4. Select Specific Objects.
  5. Click Add.
  6. Select any user and click OK. It doesn't matter which user you add, it will be used only to create a new Business Unit.
  7. Click Finish.

II. Create Scheduled Task
To create a Scheduled Task that will populate the Business Unit with inactive users, do the following:

  1. In the Console Tree of Adaxes Administration Console, right-click your Adaxes Service and select New \ Scheduled Task.
  2. On Step 3, select User.
  3. On Step 4, add the Run a program or PowerShell script action and paste the following script from our repository: http://www.adaxes.com/script-repository ... t-s509.htm.
  4. Modify the parameters of the script. Set $businessUnitName to the name of the Business Unit you created on step I.
  5. Enter a short description for the script and click OK.
  6. On the final step, set the Activity Scope of the task to include the users you are interested in.

Related questions

0 votes
1 answer

How to deal with approval requests in a AD and AAD environment? I have recently created a workflow where I log on as a AD user and request to be a member of a AAD group, ... of member works despite the initial request was based on a AD user and not a AAD user.

asked May 2 by Daniel (60 points)
0 votes
0 answers

Starting from Adaxes 2023, you can manage Azure AD users, groups, and resource mailboxes that are not synchronized with an on-premises AD domain. However, having a registered ... the entire Azure AD domain in the scope of your Microsoft 365 tenant in Adaxes.

asked Feb 16 by Adaxes (550 points)
0 votes
1 answer

Hi When reading the REST API documentation it does not mention working directly against Azure AD and Exchange Online. Will this be added? Thanks /Peter Sonander

asked Jan 26 by Sonander (40 points)
0 votes
1 answer

I have to do a weekly Inactiviy Report for Accounts that have not logged in for 30 days or more. 1 of the reports is for Internal users BUT there is an Account ... Adaxes and working on the product, and i need to get all my reporting done through Adaxes

asked Nov 14, 2022 by dtorannini (80 points)
0 votes
1 answer

I'm wondering if at any point you will be including the ability to manage Cloud Only accounts. Use case scenarios: Create Guests Create Cloud Only Groups Add Guests and AD Users to Cloud Only Groups

asked Jul 29, 2020 by ComputerHabit (790 points)
3,231 questions
2,932 answers
535,360 users