How to filter like the O365 portal: Sign-in Allowed

This post is a part in a series of blog post which explains how to reproduce the filters which are provided by the O365 admin portal. With PowerShell scripting! This time let me show how to find users which are NOT blocked for sign in.

Getting a list of users which are not blocked with PowerShell

This is the filter we want to reproduce:

Screenshot of the O365 Admin portal: Filter for users which are not blocked (sign-in allowed)

To get a list of all guest user accounts in your O365 / Azure AD tenant by script, use this PowerShell command. We are lucky: There is a server-side filter usable for this…

Get-AzureADUser -Filter 'AccountEnabled eq true'

You could also use the old MSOL module:

Get-MSOLUser -All | Where {-not($_.BlockCredential)}

Please note that this MSOL-style filter is nowhere near as effective as the first filter command with the AzureAD module. MSOL has no server-side filtering for this property. So we have to load the full list of users first from the Azure AD backend and then filter it locally – that may take a LOT longer.

Scripting up in the Cloud

…a guy playing around with Powershell and Azure AD

Leave a Reply Cancel reply