Script Repository


Check multi-factor authentication status for a user in Microsoft 365

April 28, 2020
3380

The script can be used to obtain the status of multi-factor authentication for a user in Microsoft 365 (Office 365). To execute the script, use the Run a program or PowerShell script action in a Custom Command, Business Rule or Scheduled Task.

The script can be used only in Adaxes 2018.2 and later.

For the script to work, you need to install Microsoft Azure Active Directory Module for Windows PowerShell on each computer where Adaxes service is running.

Edit Remove
PowerShell
Import-Module MsOnline

# Get Microsoft 365 Object ID
try
{
    $objectId = [Guid]$Context.TargetObject.Get("adm-O365ObjectId")
}
catch
{
    $Context.LogMessage("The user %fullname% doesn't have a Microsoft 365 account.", "Warning")
    return
}

# Connect to Microsoft 365
Connect-MsolService -Credential $Context.GetOffice365Credential()

# Set MFA state in Microsoft 365
$user = Get-MsolUser -ObjectId $objectId

# Output MFA status
if ($user.StrongAuthenticationRequirements.State -ne $NULL)
{
    $Context.LogMessage("Multi-factor authentication is enabled for user %fullname%.", "Information")
}
else
{
    $Context.LogMessage("Multi-factor authentication is disabled for user %fullname%.", "Information")
}

Comments ( 0 )
No results found.
Leave a comment