0 votes

We have some users who work offsite and rarely authenticate to our local domain controllers but they frequently log into our M365/Entra environment. Will the adm-InactivityDuration freshen when they login into Entra even if they haven't logged into local AD in a long time? I'm worried about these users getting automatically deprovisioned by rules making use of adm-InactivityDuration.

Edit: I just tested using reports and one of these users and this does not appear to be the case, even though our Entra tenant is linked also and the user isn't considered "inactive" there. Is there a way to check if they are inactive in both local AD and Entra before proceeding?

by (40 points)

1 Answer

0 votes
by (293k points)

Hello,

Will the adm-InactivityDuration freshen when they login into Entra even if they haven't logged into local AD in a long time?

No, it will not. The property value will only update when the actual on-premises user account logs on to the system.

Is there a way to check if they are inactive in both local AD and Entra before proceeding?

Yes, it is possible. You can use the If is inactive <period> to check activity of the on-premises account itself and the following script from our repository to check the Microsoft Entra part: https://www.adaxes.com/script-repository/check-if-account-is-inactive-in-azure-ad-longer-than-a-period-of-time-s662.htm.

Related questions

0 votes
1 answer

I'm wondering if at any point you will be including the ability to manage Cloud Only accounts. Use case scenarios: Create Guests Create Cloud Only Groups Add Guests and AD Users to Cloud Only Groups

asked Jul 29, 2020 by ComputerHabit (790 points)
0 votes
1 answer

I enabled 2FA for common signing and it's applied to each portal. I am using separate account for testing purposes to see how changes affect for other users and for everyday ... possible? I am also wondering how to reset and/or remove 2FA from test account?

asked Dec 23, 2020 by juhota (210 points)
0 votes
1 answer

I've created new Adaxes instance (23.2) in my test environment. I've added managed domain of "cloud domain" type and connected this tenant via Microsoft 365 cloud ... section. I've modified Forms and views according the tutorial too What am I missing?

asked Sep 24 by KIT (960 points)
0 votes
1 answer

In order to create an Entra, cloud only account, is the only requirement to connect Adaxes to my Entra domain so that Adaxes can manage it?

asked Sep 6 by cewilson (190 points)
0 votes
0 answers

Hi all Primary objective is to manage cloud only group membership but in a future include cloud only accounts. I've registered a Azure domain which is managed by ... /www.adaxes.com/questions/12293/add-to-365-group-automation-for-new-account-creations Thanks

asked May 31 by MinorDruid (20 points)
3,574 questions
3,263 answers
8,282 comments
548,008 users