User

The User entity represents a user account in Azure Active Directory (Entra ID).

| Field | Type | Possible Operators | Description |
| --- | --- | --- | --- |
| Guid | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Unique identifier for the entity in FSProtect |
| FSName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name used in FSProtect |
| ObjectID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Azure AD Object ID of the user |
| FirstName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | First name of the user |
| LastName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Last name of the user |
| Enabled | BOOLEAN | True / False | Whether the user account is enabled |
| WhenCreated | DATE | Smaller, Larger, Between, Equal | Date the user account was created |
| DisplayName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Display name of the user in Azure AD |
| Title | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Job title of the user |
| PasswordLastSet | DATE | Smaller, Larger, Between, Equal | Date the user's password was last set |
| Email | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Email address of the user |
| OnPremImmutableID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Immutable ID synced from on-premises AD |
| OnPremSyncEnabled | BOOLEAN | True / False | Whether the user is synced from on-premises AD |
| OnPremSID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | On-premises Security Identifier (SID) |
| IsInactive | BOOLEAN | True / False | Whether the user account is inactive |
| OnPremLastSyncDateTime | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Last sync date/time from on-premises AD |
| UserPrincipalName | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | User Principal Name (UPN) of the user |
| UserType | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Type of user (e.g., Member, Guest) |
| IsAZPrivileged | BOOLEAN | True / False | Whether the user has privileged access in Azure |
| IsStealth | BOOLEAN | True / False | Whether the user is a stealth (shadow) admin |
| IsAdmin | BOOLEAN | True / False | Whether the user has admin privileges |
| WhenDeleted | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Date the user was deleted (if applicable) |
| UsageLocation | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Usage location assigned to the user |
| PasswordPolicies | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Password policies applied to the user |
| TenantID | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Azure AD Tenant ID the user belongs to |
| IsSsprRegistered | BOOLEAN | True / False | Whether the user is registered for Self-Service Password Reset |
| IsSsprEnabled | BOOLEAN | True / False | Whether SSPR is enabled for the user |
| IsSsprCapable | BOOLEAN | True / False | Whether the user is capable of using SSPR |
| IsMfaCapable | BOOLEAN | True / False | Whether the user is capable of using MFA |
| IsMfaRegistered | BOOLEAN | True / False | Whether the user is registered for MFA |
| IsPasswordlessCapable | BOOLEAN | True / False | Whether the user is capable of passwordless authentication |
| MethodsRegistered | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Authentication methods registered by the user |
| LastSignInDateTime | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Last interactive sign-in date/time |
| LastNonInteractiveSignInDateTime | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Last non-interactive sign-in date/time |
| LastSuccessfulSignInDateTime | TEXT | Like, Not Like, Equal, Not Equal, Is Empty | Last successful sign-in date/time |
| AZTier | NUMBER | Equal, Between, Smaller, Larger, Smaller or Equal, Larger or Equal | Azure tier classification assigned by FSProtect |
