Rule description
This rule queries Microsoft 365 for different inactivity criteria and suspends inactive users or guests according to current Cayosoft Suspend Settings.
When to use this rule
Use this rule to suspend inactive Office 365 user accounts. You can specify the number of days for the user to be inactive in Microsoft 365 before it is suspended.
Remember to configure the Office 365 user account suspend settings in the Suspend | Office 365 User rule.
Rule Settings
Query Section
Setting name | Description |
---|---|
Query criteria |
Query criteria are sent with the query and may improve query performance. Tip: For different samples on the criteria builder, see KB20180410-1.
|
User type |
Specify members, guests or both should be suspended. |
Last Microsoft 365 sign in (days ago) |
Set a minimum number of days past since a user signs in to Microsoft 365. Use 0 to disable this check. Note: Using this parameter requires an Azure AD Premium P1/P2 license in the tenant.
|
Last Microsoft 365 service access (days ago) |
Set a minimum number of days past since a user accesses Microsoft 365 services. This queries the dates of the Microsoft activities report and takes the most recent service activity date across all services. |
Minimum license assignment age (days) |
Set a minimum number of days past the license assignment to avoid counting new users as inactive. Use 0 to ignore the license assignment date. |
Other Query Settings |
|
Properties to display |
To display additional properties for each object found by the query, add those properties to the list. |
System properties |
List of properties required for this rule to be executed correctly. |
Post query-filter |
To hide unwanted data based on criteria, not supported by Microsoft 365 query, set the filtering conditions here. |
Sort by |
Sort result object list. |
Limit result set |
The maximum number of mailboxes returned from Office 365. The default value is taken from Maximum returned results setting on Home > Configuration > Microsoft Office 365 settings. |
MSGraph query condition (OData) |
By default Query criteria is used. But when it is specified, it overrides the Query criteria setting. Example: find all Teams with displayname starting from 'Team.' (startswith(displayName,'Team')) |
Initialization script |
Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule. Due to PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where initialization script can help. You can initialize a global variable in this setting and then use it in query criteria. Important: To use a variable, declared in initialization script, in the query scope, it must be global: $global:<variable name>.
Example: Update AD users, created in the last ten days.
{$global:DatePeriod = (Get-Date).AddDays(-10)}
|
MS Graph advanced queries |
Enables consistency level eventual which uses an index that might not be up-to-date with recent changes to the object. |
Output Section
This section defines the output format of this rule.
To get more information about this section, please see the Output section article.
Enforce/Schedule section
This section defines the schedule for how often to run the rule.
To get more information about this section, please see the Enforce/Schedule section article.
Change History
Version | Notes |
---|---|
8.2.0 | MS Graph advanced queries setting is added. |
8.1.0 | Guests suspension was added. |
8.0.1 | Last Microsoft 365 sign in (days ago), Last Microsoft 365 service access (days ago) settings are added. |
Comments
0 comments
Please sign in to leave a comment.