Get All Disabled Users in Microsoft 365

Monitoring disabled users in Microsoft 365 is essential as their sign-ins get blocked for various reasons, such as unauthorized login attempts, risky sign-ins, or suspicious actions. Also, admins disable inactive accounts for security concerns or during offboarding practices. By reviewing these accounts, admins can take better decisions whether to re-enable the accounts or delete them from the organization. If required, they can also reuse these accounts’ licenses.

Let’s explore how to find out the disabled user accounts in Microsoft 365.

Microsoft 365 disabled user accounts can be found using the below three methods. You can use any of these methods as you wish.

1. Get all disabled users using Microsoft 365 admin center
2. Find all disabled users using Microsoft Entra admin center
3. Identify all Microsoft 365 disabled users using PowerShell

To get all the sign-in disabled user accounts using the M365 admin center, follow the below steps.

• Navigate to the Microsoft 365 admin center.
• Go to Users –> Active users.
• Click on the ‘Filter’ option near the search bar and select ‘Sign-in blocked’.

• You will get the list of all disabled users in Microsoft 365 as shown below.

Note: You can also export the Microsoft 365 disabled users list to verify disabled accounts offline. This file can also be useful for bulk-enabling or bulk-deleting these user accounts.

To check the sign-in blocked status of a single user, follow the below steps.

• Navigate to the Microsoft 365 admin center –> Users–> Active users.
• Click on a specific user. If the user’s sign-in was blocked, you will see ‘Sign-in blocked’ under the username.

To find out all the sign-in disabled accounts in Microsoft 365 using the MS Entra admin center, follow the steps below.

• Navigate to the Microsoft Entra admin center.
• Expand ‘Identity’ and go to Users –> All users.
• Click on the ‘Add filter’ option and choose ‘Account enabled’.
• Move the ‘value’ toggle to ‘No’ and click on ‘Apply’.

• The applied filter will show the list of all Microsoft 365 disabled user accounts as below.

Note: You can also monitor these user’s sign-in report to prevent account compromise or suspicious events.

To get a list of all disabled users in Microsoft 365 using PowerShell, you need to use Microsoft Graph.

• Connect to Microsoft Graph by running the below cmdlet.

• To get all the disabled users using PowerShell, run the following cmdlet.

You will get the list of disabled users in Microsoft 365 as shown below.

If a user account was disabled due to unauthorized logins or risky behaviors, admins can re-enable the account once the risk is verified and resolved. To re-enable a disabled user account, follow the below steps.

Connect to Microsoft Graph PowerShell and run the below cmdlet.

You can also re-enable the user account using the M365 admin center by clicking on the ‘Unblock sign-in‘ option.

I hope this blog will help you to get a list of all disabled users in Microsoft 365 using both the admin centers and PowerShell. Feel free to reach out to us for any queries through the comment section!