For a while, I had been manually running cmdlets to export guest account reports from Entra ID. These reports were crucial for analyzing and cleaning up inactive accounts, but I often found myself retyping or searching for the right commands. To simplify the process, I created a straightforward PowerShell script to generate a report of guest accounts.

Regularly reviewing guest accounts is important, especially if you’re not using advanced features like Entitlement Management in Entra ID. Identifying and removing inactive accounts helps keep your environment clean and secure.

The goal was to make the task easier:

• Quickly export guest accounts to a CSV and HTLM for further analysis.

• Use bulk delete actions in Entra ID to remove stale accounts.

I primarily focus on analyzing environments and providing recommendations, so I didn’t include any code for deleting guest accounts. I don’t have or need deletion rights, and I wanted to keep the script safe and read-only. However, it’s flexible enough for others to modify if needed.

The Script

You can find the complete script in my GitHub repository. Feel free to download, review, or contribute improvements:

Export-EntraGuestReport.ps1

Before you run the script, you must install the Microsoft Entra PowerShell module

Rich HTML Report Generation

Beyond simple CSV export, the script generates a comprehensive HTML report with interactive features, summary statistics, and visual categorization:

• Summary Dashboard: Key metrics displayed in an easy-to-read card layout

• Interactive Filtering: Search by email, filter by status, account state, and more

• Visual Status Indicators: Color-coded rows for different user states

• Sortable Columns: Click column headers to sort data

• Responsive Design: Professional appearance with modern styling

How to Use the Script

Save and Prepare the Script

Save the complete script as Export-EntraGuestReport.ps1 in your preferred location and ensure you have the Microsoft Entra PowerShell module installed:

Install-Module -Name Microsoft.Entra -Repository PSGallery -Scope CurrentUser -Force -AllowClobber

Basic Usage Examples

Generate both HTML and CSV reports with default settings:

.\Export-EntraGuestReport.ps1

Generate only CSV report for pending guests:

.\Export-EntraGuestReport.ps1 -PendingAcceptanceOnly -CSVOnly

Custom inactive threshold with HTML report only:

.\Export-EntraGuestReport.ps1 -InactiveDays 180 -HTMLOnly

Custom path and filename for comprehensive reporting:

.\Export-EntraGuestReport.ps1 -ExportPath "D:\Reports" -FileName "MonthlyGuestAudit"

Target specific tenant:

.\Export-EntraGuestReport.ps1 -TenantId "your-tenant-id" -InactiveDays 120

Available Parameters

• TenantId: Optional. Specify a particular tenant to analyze

• PendingAcceptanceOnly: Switch to filter only pending guest invitations

• InactiveDays: Customize the inactive threshold (default: 90 days)

• ExportPath: Specify custom export directory

• FileName: Custom filename (without extension)

• CSVOnly: Generate only CSV report

• HTMLOnly: Generate only HTML report

Review the Report

The script will create comprehensive reports with:

• HTML Report: Interactive dashboard that opens automatically in your browser, featuring summary statistics, filtering capabilities, and visual status indicators

• CSV Report: Detailed data export perfect for further analysis in Excel or other tools

• Summary File: Text-based summary of key findings for quick reference

Conclusion

This script makes it easy to generate a report on guest accounts from Entra ID. It simplifies data extraction for analysis and cleanup, and its flexible design lets you adapt or expand it as needed.