Wednesday, July 03, 2019

Azure Get MFA Default Method

I recently had to audit the MFA methods that users registered for and their default method.  Here is the code that helped me.

import-module MSOnline
$now = Get-Date -UFormat "%Y-%m-%d_%H-%M-%S"
$filepath = 'C:\temp\MFA_Users_' + $now + '.csv'
Get-MsolUser -All | Select-Object UserPrincipalName, DisplayName, Title,
    @{n="MFA"; e={$_.StrongAuthenticationRequirements.State}},
    @{n="Default Method"; e={($_.StrongAuthenticationMethods | where-object isdefault -eq 'true').MethodType}},
    @{n="Methods"; e={($_.StrongAuthenticationMethods).MethodType}} | Export-Csv -Path $filepath -NoTypeInformation

No comments: