A classic Microsoft 365 housekeeping task and question is how to see all users’ last login date, including guest users. A pity Microsoft is not offering something out of the box. Originally asked and answered by me in the Microsoft Tech Community, I decided to dedicated a quick blog entry for this important admin task.

I would suggest following Powershell script to see all internal and guest user’s last login date and also their consumed licenses. It returns all your licenses as CSV file. This way you may check whether there is someone not logging in and consuming licenses.

Install-Module AzureADPreview -AllowClobber -Force

Connect-AzureAD

$usersexport = [system.collections.arraylist]@()

Get-AzureADUser | % {
    $User = $_
    $UPN = $User.UserPrincipalName
    
    Write-Output "Start analysing $UPN"

    $LoginTime = Get-AzureAdAuditSigninLogs -top 1 -filter "userprincipalname eq '$UPN'" | 
                      select CreatedDateTime
    $Licenses = Get-AzureADUserLicenseDetail -ObjectId $User.ObjectId | 
                      % { $_.ServicePlans | Where {$_.AppliesTo -eq "User"}} |     
                      select -ExpandProperty ServicePlanName
    
    $Export = [pscustomobject]@{
        'DisplayName' = $User.DisplayName; 
        'UserPrincipalName' = $UPN;
        'LastSignInDate' = $LoginTime.CreatedDateTime;
        'Licenses' = $Licenses -join ",";
    }
    
    $usersexport.Add($Export)
    
    Write-Output $Export
}
$usersexport | Export-CSV $Home\LastLogonDate.csv

The only downside here is that depending on your licenses the audit log just reaches back 30 days for the user… which limits this approach a little bit. In the Azure Active Directory you still see the last login date on the UI but you can’t retrieve this via api/script, so far – maybe worth a “RPA” script.