Accessing Azure Active Directory information via PowerShell

Two ways to do it, via

  1. MSOnline module
  2. AzureAD module

First you start with a connection to Azure AD, via Connect-MsolService

Then you can run a number of commands against Azure AD.  Here is a couple:

Get-MsolDevice –RegisteredOwnerUpn “”
will display all the devices registered to a particular user.

Get-MsolUser –UserPrincipalName “” | select DisplayName, LastDirSyncTime,@{Name="PasswordAge";Expression={((Get-Date).ToUniversalTime())-$_.LastPasswordChangeTimeStamp}} | sort-object PasswordAge -desc
will display the last time Azure AD sync’d with the On-Premise AD, and how old the password is in days.

AzureAD Module
Connect-AzureAd is used to connect to Azure AD.
when the connection is successful, Connect-AzureAD will return something like
Account                                Environment TenantId                             TenantDomain           AccountType
-------                                ----------- --------                             ------------           --------        AzureCloud  e10ac18d-38fa-4a74-ba38-61f93ebd7150            User

Get-AzureADUser -Filter "userPrincipalName eq '" | Select-Object -Property *
Will return all the details for the user, including the ObjectID.

With the ObjectID, you can query what devices they have registered:
Get-AzureADUserRegisteredDevice -ObjectId  "df19e8e6-2ad7-453e-87f5-037f6529ae16"

Choose your Battles: The Modules and APIs for PowerShell to connect to AzureAD / O365
How to install and use the AzureAD PowerShell module