Support
 
PhoneGet Quote
 
Support
 
US Sales: +1 888 720 9500
US Support: +1 844 245 1108
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9890

 
 

How to identify inactive users in Microsoft Entra ID

Inactive users linger in an organization due to improper deprovisioning of former employees and service accounts. Leaving these accounts unchecked leads to waste of licenses and security risks. These accounts could give attackers access to numerous sensitive groups that the users are a part of.

Microsoft Entra ID (formerly Azure AD) doesn't offer a direct way to obtain a list of inactive users. However, using the Access Review feature, reviewers can identify accounts that haven't been active for a set number of days.

M365 Manager Plus, the holistic M365 administration and security solution, generates a report that displays the list of inactive users. The table below compares how you can identify inactive users using Microsoft Entra ID and M365 Manager Plus.

Microsoft Entra ID

Steps to identify inactive users using Entra ID:

  1. Log in to Microsoft Entra ID as an Identity Governance Administrator.
  2. Navigate to Identity Governance > Access Reviews and select New access review.
  3. On the next page, choose Teams + Groups as the review type.
  4. For the review scope, choose Select Teams + groups.
  5. Click + Select group(s) and choose the desired group from the list.
  6. Select the Inactive users (on tenant level) only option and specify the number of days an account should be inactive. Click Next.
  7. In the Reviews page, select the reviewers for the task and click Next.
  8. In the Settings page, specify what actions should occur upon completion of the review and click Next.
  9. On the Review + Create page, define a name for the review task and click Create.

M365 Manager Plus

Steps to find inactive users in M365 Manager Plus:

  1. Navigate to Reports > Azure Active Directory > User Reports.
  2. Under User Logon Reports, select Inactive Users.
  3. Select the domains and groups using the Filter By option.
  4. Select the inactive period using the drop-down and click Generate Now.
    A report generated on inactive users using M365 Manager Plus

What to do after you identify inactive users?

After identifying inactive users, you can block or disable them to prevent any security risks. Microsoft Entra ID lets you disable users by changing their account status.

To do this, navigate to Users > All users and click the user that you'd like to disable. Under My Feed, click Edit in the Account status section. Uncheck the Account enabled box and click Save. You'll have to repeat this process for each inactive account.

On the contrary, M365 Manager Plus enables you to automate the entire process of finding inactive users and blocking them in bulk, helping you save time and repetitive effort. Follow the steps below to automate the process of blocking inactive users in M365 Manager Plus.

  1. Navigate to Automation > Create New Automation.
  2. Select Block Users as the task.
  3. Select Inactive Users as the report from which the objects will be imported.
  4. Select the frequency at which the automation must be run.
  5. Click Save.

Configuring an automation on identifying and blocking inactive users with M365 Manager Plus

Limitations of using Microsoft Entra ID to identify and disable inactive users

  • The user requires the Identity Governance Administrator role to perform this operation.
  • Getting a list of inactive users using Access Reviews is a roundabout approach that takes a long time.
  • Each inactive user must be disabled individually.

Benefits of using M365 Manager Plus to identify and disable inactive users

  • Simplified delegation: Empower non-admin users (technicians) to manage inactive users and more without elevating their Microsoft 365 privileges.
  • Straightforward reports: Gain a thorough understanding of your environment in Microsoft Entra ID, Exchange Online, SharePoint Online, OneDrive for Business, and other Microsoft 365 services from a single console.
  • Bulk operations: Block or unblock multiple inactive users in bulk and eliminate repetitive actions.
  • Script-free experience: Manage users, groups, mailboxes, sites, and contacts effortlessly without PowerShell scripting.
  • Granular insights: Keep tabs on even the most granular user activities in your Microsoft 365 environment.
  • Ensure peak performance: Monitor the health and performance of Microsoft 365 features and endpoints around the clock.

Effortlessly schedule and export reports on your Microsoft 365 environment.

Try now for free

  • Streamline your Microsoft 365 governance and administration with M365 Manager Plus

Related Resources

A holistic Microsoft 365 administration and security solution
 
x