Deleted user from Azure AD still exists in SharePoint Online permissions and the UserInfo list

Users that are deleted from AAD are still visible in SharePoint Online.

These user accounts still show up in the SharePoint site permission list.

This is normal behavior; it doesn’t mean the user has access.

You may need to delete the user from the User Information List:

  1. Browse to the site and edit the URL by adding the following string to the end of it: /_layouts/15/people.aspx?MembershipGroupId=0
     For example, the full URL will resemble the following: https://fabrikam.sharepoint.com/_layouts/15/people.aspx?membershipGroupId=0
  2. Select the person from the list, and then on the Actions menu, select Delete Users from Site Collection.

Using the SharePoint Online Management Shell

  1. Install the SharePoint Online Management Shell.
  2. Connect to SharePoint as a Global Administrator or SharePoint Administrator in Microsoft 365. To learn how, see Getting started with SharePoint Online Management Shell.
  3. Run the following command:
     Remove-SPOUser -Site https://fabrikam.sharepoint.com -LoginName [email protected]

More information can be found here: How to remove deleted users from SharePoint Online

Export complete UserInfo List via PowerShell

You need the SharePoint Online Management Shell. Installation instructions can be found here: https://learn.microsoft.com/en-us/powershell/sharepoint/sharepoint-online/connect-sharepoint-online

#install module
Install-Module -Name Microsoft.Online.SharePoint.PowerShell

#connect Sharepoint Online management shell
Connect-SPOService -Url https://contoso-admin.sharepoint.com -Credential [email protected]

I found this script on the internet to export the UserInfo List. Original post: Instantly Export SharePoint user information list to CSV(Excel) file using PowerShell in 2 steps – Global SharePoint (global-sharepoint.com)

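#The script below extracts the users from the User Information List programmatically with PowerShell.
#Note: it loads the Microsoft.SharePoint.PowerShell snap-in and calls Get-SPWeb/Get-SPUser, which belong to
#SharePoint Server (on-premises) and must be run on a SharePoint server, not through the SharePoint Online Management Shell.
cls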
 
$PSshell = Get-PSSnapin "Microsoft.SharePoint.PowerShell" -ErrorVariable err -ErrorAction SilentlyContinue
if($PSshell -eq $null)
{
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
}
$fileName = "User Information Report"
#Timestamp for the log file name; HH is the 24-hour clock, so morning and afternoon runs get distinct names
$enddate = (Get-Date).tostring("yyyyMMddHHmmss")
#$filename = $enddate + '_VMReport.doc'
$logFileName = $fileName +"_"+ $enddate+"_Log.txt"
$invocation = (Get-Variable MyInvocation).Value
$directoryPath = Split-Path $invocation.MyCommand.Path
 
$directoryPathForLog=$directoryPath+"\"+"LogFiles"
if(!(Test-Path -path $directoryPathForLog))
{
New-Item -ItemType directory -Path $directoryPathForLog
#Write-Host "Please Provide Proper Log Path" -ForegroundColor Red
}
#$logPath = $directoryPath + "\" + $logFileName
 
$logPath = $directoryPathForLog + "\" + $logFileName
 
$isLogFileCreated = $False
 
function Write-Log([string]$logMsg)
{
if(!$isLogFileCreated){
Write-Host "Creating Log File..."
if(!(Test-Path -path $directoryPath))
{
Write-Host "Please Provide Proper Log Path" -ForegroundColor Red
}
else
{
$script:isLogFileCreated = $True
Write-Host "Log File ($logFileName) Created..."
[string]$logMessage = [System.String]::Format("[$(Get-Date)] - {0}", $logMsg)
Add-Content -Path $logPath -Value $logMessage
}
}
else
{
[string]$logMessage = [System.String]::Format("[$(Get-Date)] - {0}", $logMsg)
Add-Content -Path $logPath -Value $logMessage
}
}
 
#The function below extracts the users from the User Information List; it takes SiteURL as a parameter.
 
function ExtractSPuserInformationListToCSV()
{
 
param
(
[Parameter(Mandatory=$true)] [string] $SiteURL
 
)
 
$web = Get-SPWeb $SiteURL
$list = $web.Lists["User Information List"]
 
$spQuery = New-Object Microsoft.SharePoint.SPQuery
 
$CamlQueryString = '<Query><OrderBy><FieldRef Name="Title" Ascending="True" /></OrderBy></Query>'
 
$spQuery.Query = $CamlQueryString
 
$userInformationListItemsColls = $list.GetItems($spQuery)
 
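foreach($oneUserInInformationList in $userInformationListItemsColls)
{

Write-Host $oneUserInInformationList.Title
#Only items that carry a login name are resolved; other items are skipped
if (![string]::IsNullOrEmpty($oneUserInInformationList["ows_Name"]))
{

$userData = Get-SPUser -Web $web.URL -Identity $oneUserInInformationList["ows_Name"]

$UserInformationlistItemData = @{
"Display Name" = $userData.DisplayName
"User Login" = $userData.UserLogin
"Email" = $userData.Email
"Name" = $userData.Name

}

#Emit one object per resolved user. This sits inside the if block so that an item
#without a login name does not re-emit the previous user's data.
New-Object PSObject -Property $UserInformationlistItemData

}

}

#Release the SPWeb object. Nothing is returned here: the objects emitted in the loop
#are the function's output, and returning the hashtable would add a stray row to the CSV.
$web.Dispose();
}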
 
####################Testing - calling the function########################################################
 
try
{
 
#ExtractSPuserInformationListToCSV "Your site URL" | Out-GridView #Your site collection URL
ExtractSPuserInformationListToCSV "Your site URL" | Export-Csv -NoTypeInformation -Path "Your CSV file path"; #Your site collection URL
 
$message="The user information list inventory generation has been completed successfully."
Write-Host $message -BackgroundColor Green
 
}
catch
{
$ErrorMessage = "Error in the user information list inventory generation script: " + $_.Exception.Message
Write-Host $ErrorMessage -BackgroundColor Red
Write-Log $ErrorMessage
}
####################Testing - calling the function ends here####################################
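
For SharePoint Online itself, the same inventory and cleanup can be done with the Get-SPOUser and Remove-SPOUser cmdlets from the SharePoint Online Management Shell. The following is an added example, not part of the original post or the script it quotes: it reports (and, only with -Remove, deletes) site users whose login name appears in a list of accounts already deleted from Azure AD. The function name, the sample UPN and the CSV path are hypothetical, and an existing Connect-SPOService session is assumed.

```powershell
# Added example: audit one SharePoint Online site for accounts that were
# already deleted from Azure AD. Assumes Connect-SPOService has been run.
function Find-StaleSPOUser {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)] [string]   $SiteUrl,
        # UPNs confirmed as deleted in Azure AD (hypothetical input list)
        [Parameter(Mandatory = $true)] [string[]] $DeletedUpn,
        # Without -Remove the function only reports what it finds
        [switch] $Remove
    )

    foreach ($user in Get-SPOUser -Site $SiteUrl -Limit All) {
        # Skip SharePoint/security groups and entries without a login name
        if ($user.IsGroup -or [string]::IsNullOrEmpty($user.LoginName)) { continue }

        # -contains compares strings case-insensitively.
        # Assumption: LoginName as returned by Get-SPOUser is matched against the UPN.
        if ($DeletedUpn -notcontains $user.LoginName) { continue }

        $removed = $false
        if ($Remove) {
            Remove-SPOUser -Site $SiteUrl -LoginName $user.LoginName -ErrorAction Stop
            $removed = $true
        }

        # One row per stale account, including what it could still reach
        [pscustomobject]@{
            Site        = $SiteUrl
            DisplayName = $user.DisplayName
            LoginName   = $user.LoginName
            IsSiteAdmin = $user.IsSiteAdmin
            Groups      = ($user.Groups -join '; ')
            Removed     = $removed
        }
    }
}

# Constructed sample values; replace with your own site and list of deleted UPNs
$site        = 'https://fabrikam.sharepoint.com'
$deletedUpns = @('former.employee@fabrikam.example')

# Report only; add -Remove after reviewing the CSV
Find-StaleSPOUser -SiteUrl $site -DeletedUpn $deletedUpns |
    Export-Csv -NoTypeInformation -Path '.\stale-spo-users.csv'
```

Review the IsSiteAdmin and Groups columns before removing anything: a stale entry that is a site collection administrator or group member is the kind worth cleaning up first.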
