How To Get All Orphan Users Present In SharePoint On-Premise Site

An orphaned user is a user account that still exists in a SharePoint site although the user can no longer access SharePoint. This happens when the account is deleted or disabled in Active Directory. Let us see how to get a list of all the orphaned users in a SharePoint On-Premise site.

In this blog, we first retrieve all the users from the user information list of the site collection, and then check whether each of those users is still valid in our Active Directory.

The below image shows all my users present in the user information list of the site collection. You can get the user information list by navigating to Siteurl + "/_catalogs/users/detail.aspx".

Add the below code.
using System;
using System.Net;
using Microsoft.SharePoint.Client;
using Microsoft.SharePoint.Client.Utilities;
using Microsoft.SharePoint.ApplicationPages.ClientPickerQuery;

namespace OrphanUser {
    class Program {
        static void Main(string[] args) {
            ClientContext ctx = new ClientContext("http://portal/sites/site1");
            // Placeholder credentials; supply real ones at run time rather than hard-coding them.
            NetworkCredential cred = new NetworkCredential("userName", "passWord");
            ctx.Credentials = cred;
            ctx.ExecuteQuery();
            Web web = ctx.Web;
            ListItemCollection itemColl = null;
            User user = null;
            bool isGroup = false;
            string userName = string.Empty;

            // Read every entry of the site collection's user information list.
            itemColl = web.SiteUserInfoList.GetItems(new CamlQuery());
            ctx.Load(itemColl, items => items.Include(
                item => item.FieldValuesAsText,
                item => item.Id,
                item => item.DisplayName));
            ctx.ExecuteQuery();

            foreach (ListItem itm in itemColl) {
                // Entries whose login cannot be loaded as a user are treated as groups and skipped.
                user = web.EnsureUser(itm.DisplayName);
                try {
                    ctx.Load(user, u => u.LoginName);
                    ctx.ExecuteQuery();
                    isGroup = false;
                } catch {
                    isGroup = true;
                }
                if (!isGroup) {
                    userName = itm.DisplayName;
                    string lowered = userName.ToLower();
                    // Skip built-in and system principals; they never exist in Active Directory.
                    if (lowered == "nt authority\\authenticated users"
                        || lowered == "helpdesk administrator"
                        || lowered == "everyone except external users"
                        || lowered == "sharepoint\\system"
                        || lowered == "everyone"
                        || lowered.StartsWith("nt authority\\")
                        || lowered == "sharepoint app"
                        || lowered == "system account"
                        || lowered.Contains("_spo")) {
                        continue;
                    } else {
                        GetOrphanedUsers(ctx, web, itm.DisplayName);
                    }
                }
            }
        }

        // Resolves the display name through the people picker; an empty result means
        // the account can no longer be found and is reported as an orphan.
        public static void GetOrphanedUsers(ClientContext ctx, Web web, string userValue) {
            try {
                ClientPeoplePickerQueryParameters query = new ClientPeoplePickerQueryParameters();
                query.AllowEmailAddresses = false;
                query.AllowMultipleEntities = false;
                query.ForceClaims = false;
                query.MaximumEntitySuggestions = 50;
                query.PrincipalType = PrincipalType.All;
                query.PrincipalSource = PrincipalSource.All;
                query.QueryString = userValue;
                query.AllUrlZones = false;
                query.SharePointGroupID = 0;
                query.WebApplicationID = new Guid("00000000-0000-0000-0000-000000000000");
                ClientResult<string> resultInfo =
                    ClientPeoplePickerWebServiceInterface.ClientPeoplePickerSearchUser(ctx, query);
                try {
                    ctx.ExecuteQuery();
                } catch (Exception ex) {
                    // A failed lookup is not proof that the account is gone; report it and skip.
                    Console.Error.WriteLine("Lookup failed for " + userValue + ": " + ex.Message);
                    return;
                }
                if (resultInfo == null || resultInfo.Value == null || resultInfo.Value == "[]") {
                    Console.WriteLine(userValue + " is an Orphan user");
                }
            } catch (Exception ex) {
                Console.Error.WriteLine("Could not check " + userValue + ": " + ex.Message);
            }
        }
    }
}
 
Result
 
It shows only the user accounts that are deleted or disabled from the Active Directory.
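
The people-picker check above works on display names and does not say whether an account was deleted or only disabled. The following added example (not part of the original post) re-checks a login name directly against Active Directory and separates the two cases. It assumes Windows claims logins of the form `i:0#.w|DOMAIN\user`, a single domain, a domain-joined machine and a reference to System.DirectoryServices.AccountManagement; the names `AdCheck`, `AdStatus`, `ToSamAccount` and `Classify` are hypothetical.

```csharp
using System;
using System.DirectoryServices.AccountManagement;

namespace OrphanUserAdCheck {
    // Added example (hypothetical names): classifies a SharePoint login
    // against Active Directory instead of relying on the people picker.
    public enum AdStatus { Active, Disabled, NotFound, NotWindowsAccount }

    public static class AdCheck {
        // Extracts DOMAIN\user from a Windows claims login such as
        // "i:0#.w|CONTOSO\jdoe"; returns null for any other claim type.
        public static string ToSamAccount(string loginName) {
            if (string.IsNullOrEmpty(loginName)) return null;
            int bar = loginName.LastIndexOf('|');
            // Claims logins carry a prefix before '|'; only the Windows one ("#.w") maps to AD.
            if (bar >= 0 && !loginName.StartsWith("i:0#.w", StringComparison.OrdinalIgnoreCase))
                return null;
            string account = bar >= 0 ? loginName.Substring(bar + 1) : loginName;
            return account.Contains("\\") ? account : null;
        }

        public static AdStatus Classify(PrincipalContext ad, string loginName) {
            string account = ToSamAccount(loginName);
            if (account == null) return AdStatus.NotWindowsAccount;
            // Assumption: single domain, so only the part after the backslash is looked up.
            string sam = account.Substring(account.IndexOf('\\') + 1);
            using (UserPrincipal user =
                   UserPrincipal.FindByIdentity(ad, IdentityType.SamAccountName, sam)) {
                if (user == null) return AdStatus.NotFound;
                // Enabled is bool?; an unknown state counts as active so nothing is flagged by mistake.
                return user.Enabled == false ? AdStatus.Disabled : AdStatus.Active;
            }
        }

        public static void Main() {
            // Constructed sample logins; replace with the LoginName values loaded from the site.
            string[] logins = {
                @"i:0#.w|CONTOSO\jdoe", @"i:0#.w|CONTOSO\former.employee", "c:0(.s|true"
            };
            using (var ad = new PrincipalContext(ContextType.Domain)) {
                foreach (string login in logins)
                    Console.WriteLine("{0,-40} {1}", login, Classify(ad, login));
            }
        }
    }
}
```

Accounts reported as `NotFound` or `Disabled` are the candidates to review; `NotWindowsAccount` entries (groups, built-in claims, other identity providers) need a different check.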