Script Repository

Check multi-factor authentication status for a user in Microsoft 365

November 25, 2020

The script can be used to obtain the status of multi-factor authentication for a user in Microsoft 365 (Office 365). To execute the script, use the Run a program or PowerShell script action in a Custom Command, Business Rule or Scheduled Task.

The script can be used only in Adaxes 2018.2 and later.

For the script to work, you need to install Microsoft Azure Active Directory Module for Windows PowerShell on each computer where Adaxes service is running.

Edit Remove
Import-Module MsOnline

# Get Microsoft 365 Object ID
    $objectId = [Guid]$Context.TargetObject.Get("adm-O365ObjectId")
    $Context.LogMessage("The user %fullname% doesn't have a Microsoft 365 account.", "Warning")

# Connect to Azure AD
Connect-MsolService -Credential $Context.GetOffice365Credential()

# Output MFA status
$user = Get-MsolUser -ObjectId $objectId

if ($user.StrongAuthenticationRequirements.State -ne $NULL)
    $Context.LogMessage("Multi-factor authentication is enabled for user %fullname%.", "Information")
    $Context.LogMessage("Multi-factor authentication is disabled for user %fullname%.", "Information")

Comments ( 0 )
No results found.
Leave a comment