Get-MsolUser cover

Viewing Office 365 User Account Details Using Get-MsolUser

In this article we’ll show you how to get a various information about Office 365 user accounts using the Get-MsolUser PowerShell cmdlet. The Get-MsolUser cmdlet allows you to view the properties of one or several Office 365 accounts, this is an analogue of the Get-ADUser cmdlet for on-premises Active Directory. The Get-MsolUser cmdlet is part of the Azure AD PowerShell module (MSOnline), which allows you to connect to your Office 365 subscription. Therefore, to use this cmdlet you must first download and install this module. You can download and install the MSOnline manually (exe/msi installer), or install it online from the PowerShell Gallery. To do this, just run the command in the PoSh console:

Find-Module -Name MSOnline | Install-Module -Force


To connect to an Office 365 subscription, save your credentials to a variable:

$MSOCred = Get-Credential

In the window that appears, enter account’s credentials with the permissions to connect to your Office 365 tenant.

Get-MsolUser command

Now connect to your subscription with saved credentials:

Connect-MsolService -Credential $MSOCred

After connecting, run the command:


This command will return a list of all Office 365 users. By default, the UPN, Display name and the isLicensed attributes are returned.

Get-MsolUser command PowerShell

To display information about a specific user, you can specify its UserPrincipalName. You can display all user attributes:

Get-MsolUser -UserPrincipalName "”| Select-Object *|Format-List

using Get-MsolUser command

The user account contains a number of attributes that determine their properties, parameters and personal info (phone number, department, company, etc.). You can only request for a specific attributes:

Get-MsolUser -UserPrincipalName “” | Select-Object UserPrincipalName, DisplayName, Department, UsageLocation

This list can be exported to a CSV file (convenient for opening in Excel):

Get-MsolUser | Select-Object UserPrincipalName, DisplayName, PhoneNumber, Department, UsageLocation| Export-CSV c:\ps\o365userlist.csv –NoTypeInformation

Below are some useful queries for getting data about Office 365 users using the Get-MsolUser cmdlet.

You can display all users of a specific department:

Get-msoluser | Where {$_.Department -eq “Sales Dept”}

Let’s display the list of users and licenses assigned to them:

Get-MsolUser | Where-Object {$_.isLicensed -like "True"} | FT DisplayName, licenses, islicensed

List of assigned license options:

(Get-MsolUser –UserPrincipalName ).Licenses[0].ServiceStatus

List of users without a license:

Get-MsolUser –UnlicensedUsersOnly

List of deleted account (useful if you accidentally delete an Office 365 account, when you urgently need to restore it):

Get-MsolUser -ReturnDeletedUsers | FL UserPrincipalName,ObjectID

List the time of the last password change for Office 365 users:

Get-MsolUser -All | select DisplayName, LastPasswordChangeTimeStamp

List the active (enabled) accounts:

Get-MsolUser -EnabledFilter EnabledOnly -ALL

List the disabled accounts:

Get-MsolUser -EnabledFilter DisabledOnly -ALL

Display a list of users who haven’t changed their passwords for more than 90 days:

Get-MsolUser | Where-Object { $.LastPasswordChangeTimestamp -lt (Get-Date).AddDays(-90)} | Select-Object DisplayName,UserPrincipalName,LastPasswordChangeTimestamp,Licenses,PasswordNeverExpires | Format-Table

You may also like:

Time Configuration for a Virtualized Domain Contro... Today we will talk about some of the features of time configuration on a virtualized domain controllers. Typically, the time synchronization scheme in...
Removing Old and Unused Drivers from Driver Store ... Each time you install or update your device driver, Windows OS (since Vista) continues to store the old version of the driver in the system Driver Sto...
How to transfer FSMO Roles From a Failed Domain Co... In case domain controller, which owns FSMO (Flexible Single Master Operation) roles, is fail (virus attack, fatal software problems or catastrophic ha...
Get-service: Checking the Status of Windows Servic... Using the Get-Service cmdlet you can get a list of all the services installed on the operating system, its status and startup type. This one and other...
Installing WebDAV client on Windows Server 2016 WebDAV (Web Distributed Authoring and Versioning) is an extension of the HTTP/1.1 protocol. The WebDAV protocol allows to access files on the remote s...

Add Your Comment