powershell Microsoft图表-从结果报告中删除空值

y53ybaqx  于 2023-02-16  发布在  Shell
关注(0)|答案(2)|浏览(162)

我在Graph筛选空值时遇到问题。总体目标是生成一个非活动报告,以报告上次登录时间超过90天的用户。许可证通过组分配,位于****extensionattribute 15中。脚本如下所示:

# Azure AD Enterprise App for authentication to the 84 tenant
$AppId = "X"
$TenantId = "X"
$AppSecret = 'X'

# Construct URI and body needed for authentication
$uri = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
$body = @{
    client_id     = $AppId
    scope         = "https://graph.microsoft.com/.default"
    client_secret = $AppSecret
    grant_type    = "client_credentials" }

# Get OAuth 2.0 Token
$tokenRequest = Invoke-WebRequest -Method Post -Uri $uri -ContentType "application/x-www-form-urlencoded" -Body $body -UseBasicParsing

# Unpack Access Token
$token = ($tokenRequest.Content | ConvertFrom-Json).access_token

# Base URL
$headers = @{Authorization = "Bearer $token"}

# Get User sign in data
Write-Host "Accessing the Graph to get user sign-in data..."
$URI = "https://graph.microsoft.com/beta/users?`$filter=startsWith(extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute15,'E') or startswith(extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute15,'f') or startswith(extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute15,'k')&$select=displayName,userPrincipalName, mail, department, jobTitle, extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute14, extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute15, accountEnabled, signInActivity, UserType, id&`$expand=manager(`$select=displayName,userPrincipalName)&`$top=999"
$SignInData = (Invoke-RestMethod -Uri $URI -Headers $Headers -Method Get -ContentType "application/json") 
$Report = [System.Collections.Generic.List[Object]]::new() 

Foreach ($User in $SignInData.Value) {  
   If ($Null -ne $User.SignInActivity)     {
      $LastSignIn = Get-Date($User.SignInActivity.LastSignInDateTime) -format g
      $DaysSinceSignIn = (New-TimeSpan $LastSignIn).Days }
   Else { #No sign in data for this user account
      $LastSignIn = "Never" 
      $DaysSinceSignIn = "N/A" }
## Report headers and variables 
   $ReportLine  = [PSCustomObject] @{
       
     UPN                = $User.UserPrincipalName
     DisplayName        = $User.DisplayName
     Email              = $User.Mail
     SignInStatus       = $User.accountEnabled
     Department         = $User.department
     AADLastSignIn      = $LastSignIn
     JobTitle           = $User.jobTitle
     JobCode            = $User.extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute14
     License            = $User.extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute15
     Manager            = if($User.manager) { $User.manager.userPrincipalName } Else {$null}
}
   $Report.Add($ReportLine) 
}

# Check for additional data to obtain
$NextLink = $SignInData.'@Odata.NextLink'

While ($NextLink -ne $Null) { # If so, proceed with processing the additional data.
   Write-Host "Still processing..."
   $SignInData = Invoke-WebRequest -Method GET -Uri $NextLink -ContentType "application/json" -Headers $Headers
   $SignInData = $SignInData | ConvertFrom-JSon
   ForEach ($User in $SignInData.Value) {  

   If ($Null -ne $User.SignInActivity)     {
      $LastSignIn = Get-Date($User.SignInActivity.LastSignInDateTime) -format g
      $DaysSinceSignIn = (New-TimeSpan $LastSignIn).Days }
   Else { #No sign in data for this user account
      $LastSignIn = "Never" 
      $DaysSinceSignIn = "N/A" }
     
   $ReportLine  = [PSCustomObject] @{  
     UPN                = $User.UserPrincipalName
     DisplayName        = $User.DisplayName
     Email              = $User.Mail
     SignInStatus       = $User.accountEnabled  
     Department         = $User.department
     AADLastSignIn      = $LastSignIn
     JobTitle           = $User.jobTitle
     JobCode            = $User.extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute14
     License            = $User.extension_1fe7973b28e74213b897d62528e614c7_extensionAttribute15
     Manager            = if($User.manager) { $User.manager.userPrincipalName } Else {$null}
}
     $Report.Add($ReportLine) } 

   # Check for more data
   $NextLink = $SignInData.'@Odata.NextLink'
}

$Report | Sort DisplayName | Out-GridView

脚本输出的用户有许可证,但所有的最后一次登录都是“从不”,而不是他们的实际日期。删除过滤器当然会得到他们的实际最后一次登录日期,但输出的是所有非许可用户和许可用户。
有人对我可以做的任何编辑有任何建议吗,或者有更好的方法来过滤extension 15的非值吗?我不确定过滤$Reportline以下的值是否会更有效。任何帮助都是非常感谢的!!!

tcbh2hod

tcbh2hod1#

还有另一种检测非活动用户的方法:

signInActivity资源类型仅在Microsoft Graph beta终结点上可用,在美国政府GCC高级环境中尚不受支持。
有关详细信息,请访问:https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/howto-manage-inactive-user-accounts#how-to-detect-inactive-user-accounts

8fq7wneg

8fq7wneg2#

从过去的经验来看,每次我使用这样的东西时都会出现问题
您正在使用的If ($Null -ne $User.SignInActivity)
不妨尝试一下
If (-not[string]::IsNullOrEmpty($User.SignInActivity))
变量可以是空字符串,而不是完全为$null的变量
希望我的猜测能帮助你实现你想做的事情

相关问题