Report Entra-native (aka cloud-only) accounts

Entra-native accounts are often overlooked as many Identity Governance tools are focused on Active Directory accounts. Entra makes it easy to filter out Entra-native accounts in Entra Admin portal UI, but it's impossible to tell if account is a resource account or not. You can use below report to query all Entra-native accounts and see if account is associated with any EXO resource (like Shared Mailbox, Room Mailbox, or Scheduling Mailbox). Report will be saved as $cloud_users variable, simple export it to csv after running report. Cheers

$aad_users = get-mguser -Property SignInActivity,DisplayName,UserPrincipalName,AccountEnabled,UserType,CreatedDateTime,GivenName,Surname,Mail,CompanyName,JobTitle,Department,UsageLocation,StreetAddress,State,OfficeLocation,City,AssignedLicenses,OnPremisesSyncEnabled -All | ? {$_.OnPremisesSyncEnabled -ne 'True'}

$SchedulingMailboxes = Get-exoMailbox -RecipientTypeDetails SchedulingMailbox -ResultSize:Unlimited

$SharedMailboxes = Get-exoMailbox -RecipientTypeDetails SharedMailbox -ResultSize:Unlimited

$RoomMailboxes = Get-exoMailbox -RecipientTypeDetails RoomMailbox -ResultSize:Unlimited

$allSKUs = Get-MgSubscribedSku

$cloud_users = @()
foreach ($aad_user in $aad_users)
      {
       $cloud_users += $aad_user | Select      DisplayName, UserPrincipalName, AccountEnabled,  UserType, CreatedDateTime, GivenName, Surname,Mail, `
@{N="Last SignIn"; E={$aad_user.SignInActivity.LastSignInDateTime}}, `
@{N="SharedMailbox"; E={if ($aad_user.UserPrincipalName -in $SharedMailboxes.UserPrincipalName) {'True'} else {'False'}}}, `
 @{N="SchedulingMailbox"; E={if ($aad_user.UserPrincipalName -in $SchedulingMailboxes.UserPrincipalName) {'True'} else {'False'}}}, `
@{N="RoomMailbox"; E={if ($aad_user.UserPrincipalName -in $RoomMailboxes.UserPrincipalName) {'True'} else {'False'}}},
@{N="AssignedLicenses"; E={(($_.AssignedLicenses.SkuId | % {$SkuId = $_; ($allSKUs | ? {$_.SkuId -eq $SkuId}).SkuPartNumber}) | Out-String).Trim()}}, `
CompanyName,JobTitle,Department,UsageLocation,StreetAddress,State,OfficeLocation,City

      }

References:

Get-MgUser (Microsoft.Graph.Users) | Microsoft Learn