Hi everyone! We're being asked by our auditors to regularly review the members of specific security groups in our Active Directory/Microsoft Entra environment. I'm curious if there are any native tools or out-of-the-box solutions within Microsoft Entra that could help with user auditing. Is there a way to flag certain groups for more detailed audits, or does anyone have suggestions for tools or methods? Sorry if my question is a bit vague, and thanks in advance for your help!
4 Answers
There’s a free tool from Netwrix, but I think scripting it yourself might be the way to go depending on what you're looking for in your audits.
You can use the Access Reviews feature in Entra, which is part of the Identity Governance section. Just make sure you have the right licensing for it.
AdminDroid also has a free tool that offers Microsoft 365 and Active Directory reports, along with many other reports. For more native solutions, you can check the Microsoft 365 admin center or ADUC, but that involves clicking each group manually. A quicker way is to use PowerShell to export group memberships, making it easier to review everything. Here’s a helpful script you can use to export security groups:
`./M365GroupReport.ps1 -Security` for all groups or `./M365GroupReport.ps1 -GroupIDsFile C:/GroupId.csv` for specific groups.
Keep in mind that flagging sounds more like monitoring than true auditing. Auditing is more about taking a snapshot. You could export the membership list to a CSV file, review it in Excel, and maybe even save it to OneDrive or SharePoint for easy access later.
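
The snapshot approach described in the last answer, sketched for on-premises AD as an added example (not from any of the answers or the tools they mention): it exports the recursive membership of selected groups to a dated CSV and lists who was added or removed since the previous snapshot. It assumes the RSAT ActiveDirectory module on a domain-joined host; the group names and the snapshot folder are placeholders.

```powershell
#Requires -Modules ActiveDirectory
# Placeholders: adjust the group list and snapshot folder for your environment.
$Groups      = @('Domain Admins', 'Example-Finance-Approvers')
$SnapshotDir = 'C:\AuditSnapshots'

function Export-GroupSnapshot {
    param([string[]]$GroupName, [string]$Directory)
    $path = Join-Path $Directory ("group-members-{0}.csv" -f (Get-Date -Format 'yyyyMMdd-HHmmss'))
    $rows = foreach ($g in $GroupName) {
        # -Recursive flattens nested groups, so indirect members appear in the review.
        Get-ADGroupMember -Identity $g -Recursive | ForEach-Object {
            [pscustomobject]@{
                Group             = $g
                SamAccountName    = $_.SamAccountName
                ObjectClass       = $_.objectClass
                DistinguishedName = $_.distinguishedName
            }
        }
    }
    $rows | Sort-Object Group, SamAccountName |
        Export-Csv -Path $path -NoTypeInformation -Encoding UTF8
    $path
}

function Compare-GroupSnapshot {
    param([string]$PreviousCsv, [string]$CurrentCsv)
    # Key each row by group + account so an empty snapshot does not break the comparison.
    $old = @{}; foreach ($r in @(Import-Csv $PreviousCsv)) { $old["$($r.Group)|$($r.SamAccountName)"] = $r }
    $new = @{}; foreach ($r in @(Import-Csv $CurrentCsv))  { $new["$($r.Group)|$($r.SamAccountName)"] = $r }
    foreach ($k in $new.Keys) {
        if (-not $old.ContainsKey($k)) { $new[$k] | Select-Object @{n='Change';e={'Added'}}, Group, SamAccountName }
    }
    foreach ($k in $old.Keys) {
        if (-not $new.ContainsKey($k)) { $old[$k] | Select-Object @{n='Change';e={'Removed'}}, Group, SamAccountName }
    }
}

New-Item -ItemType Directory -Path $SnapshotDir -Force | Out-Null
$previous = Get-ChildItem -Path $SnapshotDir -Filter 'group-members-*.csv' |
    Sort-Object Name | Select-Object -Last 1          # newest earlier snapshot, if any
$current = Export-GroupSnapshot -GroupName $Groups -Directory $SnapshotDir
if ($previous) {
    Compare-GroupSnapshot -PreviousCsv $previous.FullName -CurrentCsv $current |
        Sort-Object Group, Change | Format-Table -AutoSize
}
```

Run on a schedule, each CSV is the point-in-time record for the reviewer, and the Added/Removed table is the short list of changes to justify.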
