Best practice finding Guest users in Azure AD using PowerShell

I had to find all guest users in our Azure AD today.

Seatching the net I kept finding a command I didnt like

$users = Get-AzureADUser -All $true | Where-Object {$_.UserType -eq 'Guest'}

This is simply wrong! Always try to avoid getting a big data set, and then filtering it using where-object! where-object is great for some scenarios but it should be avoided and filters placed in the source cmdlet, if possible!

so the correct line is:

$users = Get-AzureADUser -Filter "UserType eq 'Guest'"

I used it to disable the guest users, as we do not want any guest user sin our Azure AD

$users = Get-AzureADUser -Filter "UserType eq 'Guest'"
$users | Set-AzureADUser -AccountEnabled $false

Written on June 8, 2021