14 Comments
May 3Liked by Brady Widener

This script worked great and was exactly what i was looking for

Expand full comment

Brady,

Thank you for the PowerShell script. I have added it to my tech arsenal. There is one other way I am aware of to get this info and it is the only reason we ever use the Intune Education Portal (https://intuneeducation.portal.azure.com/). Dashboard > Devices > select your device > Recent check-ins. There will be a drop down that lists each user that has logged into the device. Will be interesting to see if the results match the script output. Not sure why Microsoft does not appear to surface the Recent Check-ins option anywhere else that I can find.

Expand full comment
May 3Liked by Brady Widener

Although the script works like a champ this method also works and is much easier. thanks!

Expand full comment
author

Agreed! Didn't know it was an option in Intune Edu before I made it, but never hurts to have a CLI option as well!

Expand full comment

No worries. I love the script option too and thanks so much for it. I was wondering what syntax is needed for your script to give a couple options after looking up a device. It would be great if it gave the option to look up another device instead of just exiting.

Expand full comment
author

Good point!

The entire thing is written in powershell. I may work on that here in a bit, but that should definitely be do-able.

Expand full comment
author

Long time no see, Charles!

Thank you! I had no idea it was available on the Intune Education portal. After comparing, it looks like it gives you the same users and their most recent login on the device, but not older logins from the same user. Not sure how often that information would be needed, but regardless, a very handy page. Thanks!

Expand full comment

Thanks for the script, how far back will this show the logins for? I ran it and it seems to only give me a result if they logged into the device the same day you run the script.

Thanks

Expand full comment
author

Hi Kevin, it looks like the max is 30 days as Entra does not retain data further back than that.

https://learn.microsoft.com/en-us/entra/identity/monitoring-health/reference-reports-data-retention#how-long-does-azure-ad-store-the-data

Do you know if there were other logins to the device within the last 30 days? On my end, I'm able to pull up some devices with logins from a week or two prior.

Expand full comment

Hello Brady,

Thanks for the fast reply. I just did some testing it looks like the unit I was checking checked in with Intune on 2/22/2024, 8:07:44 AM but the person must not have actually logged in as I do not see anything for the lastuser when I run the script. I tested a different computer that I know was used and it went back to 1/25/2024 so it seems to be working. Thanks for the script and for your time. Have a great day. Kevin

Expand full comment

Getting this error when running in Powershell 7. I'm no PS expert. How can I give permissions to the app?

"Application is not authorized to perform this operation. Application must have

| one of the following scopes: DeviceManagementManagedDevices.Read.All,

| DeviceManagementManagedDevices.ReadWrite.All - Operation ID (for customer support):

Expand full comment
author

Whoops! Looks like I forgot to add a scope in the version posted to github. I will correct it in just a moment. I believe if you replace the connect mg graph line (line 8) with this, it should work. Thank you for pointing it out!

Connect-MgGraph -Scopes "User.Read.All", "DeviceManagementManagedDevices.Read.All" -NoWelcome

Also, I don't believe it should cause any issues, but just wanted to note that I ran this script originally on Windows Powershell. Don't think it'll make a difference, but just wanted to mention it.

Thanks!

Expand full comment
Jan 18Liked by Brady Widener

You're a star! It worked a treat.

Expand full comment

Corrrect. I am looking forward to seeing the older login info with your script.

Expand full comment