Backtrack:  
 
by lunarg on April 6th 2017, at 10:35

Differentiating users that are synchronized from an on-premise AD and users created in Office 365 is easy when logged in through the Office 365 Portal. When using Powershell, it's another matter. While there's a parameter for Get-MsolUser to show only synchronized users, the ability to filter on only cloud users is missing. However, as cloud-only users do not have the ImmutableID set, you can build your own filter.

Show only synchronized users

This one's obvious:

Get-MsolUser -All -Synchronized

Show only cloud users

You can filter on ImmutableID as it's not set for cloud-only users:

Get-MsolUser -All | ? ImmutableID -eq $null

If you want to filter out external users (i.e. if you shared something in Sharepoint Online with users that aren't in the tenant's Azure AD), you can filter down even further:

Get-MsolUser -All | ? {$_.ImmutableID -eq $null -and $_.UserPrincipalName -notlike "*#EXT#*"}
 
 
« December 2022»
SunMonTueWedThuFriSat
    123
45678910
11121314151617
18192021222324
25262728293031
 
Links
 
Quote
« I needed a password with eight characters so I picked Snow White and the Seven Dwarves. »