Overview
Active Directory Users dashboard displays in Cayosoft Administrator Web Portal. It is a graphical report that provides a visual overview of the current numbers and statuses of on-premises Active Directory users, hybrid users, Azure Active Directory users, and Azure guests.
To prepare the data for the Active Directory Users dashboard and to update the data regularly, you should navigate to HOME > RULES > Built-in Rules (Pre-configured) > Analytics collection in Cayosoft Administrator console and schedule this runbook to a specific timeframe.
Active Directory Users dashboard settings
Active Directory Users dashboard has several common settings with Active Directory Users web query. For the information about Active Directory Users dashboard settings, please refer to the following article:
Settings specific to Active Directory Users dashboard
Setting name |
Description |
---|---|
Override Active Directory domains |
This setting is deprecated. To limit UPN suffixes when creating new objects in Cayosoft Web Portal, please use Attribute policy. Leave this setting blank to use the default list of domain suffixes. |
How Cayosoft Administrator calculates the number of users for the Active Directory Users dashboard
- Connected AD Forest - the Active Directory Forest with an AD domain, where the Active Directory connection account is located
- Connected tenant - the Azure AD / Microsoft 365 tenant, where the Microsoft 365 connection account is located
Number |
Description |
---|---|
On-prem AD Users |
|
Enabled |
The number of user accounts in the connected AD Forest that satisfies all of the following conditions:
How to check: In Active Directory Users and Computers snap-in, on the user account Properties sheet, Account tab, the Account is disabled checkbox is cleared. |
Disabled |
The number of user accounts in the connected AD Forest that satisfies all of the following conditions:
How to check: In Active Directory Users and Computers snap-in, on the user account Properties sheet, Account tab, the Account is disabled checkbox is set. |
Hybrid Users |
|
Hybrid |
The number of user accounts in the connected tenant that satisfies all of the following conditions:
How to check: In Microsoft Azure > Azure AD blade, open user Profile blade and verify that the User type field is set to "Member", and the Source field is set to "Windows Server AD". |
Azure Only |
The number of user accounts in the connected tenant that satisfies all of the following conditions:
How to check: In Microsoft Azure > Azure AD blade, open user Profile blade and verify that the User type field is set to "Member", and the Source field is set to "Azure Active Directory". |
Azure AD User |
|
Enabled |
The number of user accounts in the connected tenant that satisfies all of the following conditions:
How to check: In Microsoft Azure > Azure AD blade, open user Profile blade and verify that the User type field is set to "Member", and the Block sign-in field is set to "No". |
Disabled |
The number of user accounts in the connected tenant that satisfies all of the following conditions:
How to check: In Microsoft Azure > Azure AD blade, open user Profile blade and verify that the User type field is set to "Member", and the Block sign-in field is set to "Yes". |
Azure Guests |
|
Enabled |
The number of user accounts in the connected tenant that satisfies all of the following conditions:
How to check: In Microsoft Azure > Azure AD blade, open user Profile blade and verify that the User type field is set to "Guest", and the Block sign-in field is set to "No". |
Disabled |
The number of user accounts in the connected tenant that satisfies all of the following conditions:
How to check: In Microsoft Azure > Azure AD blade, open user Profile blade and verify that the User type field is set to "Guest", and the Block sign-in field is set to "Yes". |
Script to collect Active Directory and Azure AD users count manually
To collect users count manually, run the script provided below.
- Run the PowerShell ISE under Administrator
- Copy the script provided below and run it
- The script would first prompt for credentials to your on-premise Active Directory environment, and then to your Azure AD / Microsoft 365 tenant
- See the script output with the counters, described in the table above
# Collect the number of user accounts from on-premise AD and Azure AD
# Version 1.0
# Copyright 2021, Cayosoft Inc
function GetStatistics{
###
$callParams = @{}
$forest = Get-ADForest -Current LocalComputer
$gcServer = "$($forest.GlobalCatalogs[0]):3268"
$callParams.Add("Server", $gcServer)
$callParams.Add("Credential", (Get-Credential -Message "Provide credentials for your on-premise Active Directory environment."))
$adEnabled = (Get-ADObject -LDAPFilter "(&(objectCategory=person)(objectClass=user)(!userAccountControl:1.2.840.113556.1.4.803:=2))" @callParams).Count
$adDisabled = (Get-ADObject -LDAPFilter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))" @callParams).Count
###
Install-Module -Name Cayosoft.Graph -Force
$cgraphconnect = Connect-CGraph
$tenantName = ((Get-CGraph organization).VerifiedDomains | ?{ $_.IsInitial -eq $true } | %{ $_.Name })
$allOffice=Get-CGraphResource user -Beta -All
$azEnabled = 0;
$azDisabled = 0;
$azHybbrid = 0;
$azAzureOnly = 0;
$azExternalLicensed = 0;
$azExternalUnLicensed = 0;
$azExternalEnabled = 0;
$azExternalDisabled = 0;
$allOffice | %{
$user = $_
$isLicensed = $user.AssignedLicenses -ne $null -and $user.AssignedLicenses.Count -gt 0
if($user.UserType -eq "Guest"){
#if($isLicensed -eq $True){ $azExternalLicensed +=1; }else{ $azExternalUnLicensed +=1; }
if($user.AccountEnabled -eq $False){ $azExternalDisabled +=1; }else{ $azExternalEnabled +=1; }
}else{
if($user.onPremisesLastSyncDateTime -eq $null){ $azAzureOnly +=1; }else{ $azHybbrid +=1; }
if($user.AccountEnabled -eq $False){ $azDisabled +=1; }else{ $azEnabled +=1; }
}
}
""
""
"==============================================================="
Get-Date
""
"--- On-prem AD Statistics for AD Forest: $($forest.Name). Collected from: $($gcServer)"
""
"On-prem AD Users - Enabled: " + $adEnabled
"On-prem AD Users - Disabled: " + $adDisabled
""
"--- Azure AD Statistics for tenant: $tenantName"
""
"Azure AD Users - Enabled: " + $azEnabled
"Azure AD Users - Disabled: " + $azDisabled
"Hybrid Users - Hybrid: " + $azHybbrid
"Hybrid Users - Azure Only: " + $azAzureOnly
"Azure AD Guests - Enabled: " + $azExternalEnabled
"Azure AD Guests - Disabled: " + $azExternalDisabled
}
GetStatistics
Comments
0 comments
Please sign in to leave a comment.