Enforce MFA using CSV
Step 1. Connect-MsolService
Step 2. Run
the following commands.
$auth = New-Object -TypeName
Microsoft.Online.Administration.StrongAuthenticationRequirement
$auth.RelyingParty =
"*"
Step 3. Choose
the MFA State.
You can choose between "Enabled" and
"Enforced"
$auth.State = "Enabled"
Step 4:
Choose the date.
Any devices issued for a user before this date would require MFA
setup. Normally, we would select the date of running the command.
$auth.RememberDevicesNotIssuedBefore = (Get-Date)
Step 5. Activate
MFA.
For one user
Set-MsolUser -UserPrincipalName <UserPrincipalName>
-StrongAuthenticationRequirements $auth
Using CSV-
Create a CSV with column UserPrincipalName and place users under this column.
Import-Csv C:\RAhul\userMFA.csv | Get-MsolUser |
Foreach{ Set-MsolUser -UserPrincipalName $_.UserPrincipalName
-StrongAuthenticationRequirements $auth}
Hi, is there a way to enhance the script to include checkpoint/verification if the current state is already “Enforced” then provide prompt or skip that particular user
ReplyDeleteGreate, simple and objective! nice!
ReplyDelete