[codex] Improve guest and user sign-in review reports#17
Conversation
- add successful sign-in data and review cues to user and guest reporting - add dedicated cloud-only member and external account review slices - expand guest/external sorting views for stale, privileged, licensed, and no-successful-sign-in accounts
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8030e5ebb6
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| LastSuccessfulSignInDateTime = if ($Guest.SignInActivity) { $Guest.SignInActivity.LastSuccessfulSignInDateTime } else { $null } | ||
| LastSuccessfulSignInDaysAgo = $LastSuccessfulSignInDaysAgo | ||
| NeverSignedIn = ($null -eq $LastSignInDaysAgo -and $null -eq $LastNonInteractiveSignInDaysAgo) | ||
| NeverSuccessfullySignedIn = ($null -eq $LastSuccessfulSignInDaysAgo) |
There was a problem hiding this comment.
When SignInActivity is unavailable (for example, tenants running without the extra audit permission), LastSuccessfulSignInDaysAgo is $null, and this code marks every such guest as NeverSuccessfullySignedIn = $true. That inflates the new “No Successful Sign-in” counters/tabs and mixes unknown telemetry with true no-success accounts. Get-MyUser already distinguishes this case by setting the flag to $null, so the guest path should do the same to keep reports accurate.
Useful? React with 👍 / 👎.
- keep missing guest sign-in activity distinct from true no-successful-sign-in cases - restore successful sign-in guest fields used by the external account report
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: cbd1065003
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| $OutputUser['Licenses'] = $LicensesList | ||
| $OutputUser['Plans'] = $Plans | ||
|
|
||
| $IsCloudOnlyMemberCandidate = $User.AccountEnabled -eq $true -and $User.UserType -eq 'Member' -and $User.OnPremisesSyncEnabled -eq $false |
There was a problem hiding this comment.
IsCloudOnlyMemberCandidate currently requires OnPremisesSyncEnabled -eq $false, which excludes member accounts where Graph returns a null sync flag; those users then never enter the new cloud-only member tabs/review queue even though this codebase elsewhere treats null as cloud-only (IsCloudOnly = -not $User.OnPremisesSyncEnabled in New-MyUserAuthenticationObject). This causes inconsistent and undercounted cloud-only reporting for tenants that return null sync state.
Useful? React with 👍 / 👎.
- treat null OnPremisesSyncEnabled values as cloud-only candidates for member review - add an explicit review signal when sync state is unavailable
1 participant
Summary
Improve the user and guest reporting views so guest, external, and cloud-only accounts are easier to identify, sort, and review.
What Changed
Why
The existing reporting made it harder to distinguish cloud-only member accounts from guest or external identities and to quickly confirm which external accounts exist and how recently they were actually used.
Impact
Validation