MFA – Report on user status
MFA – Report on user status
This report will give you a list of available users listed in AD/AAD, listing if the MFA services is enabled, enforced, or disabled. You will also be able to see if someone has configured their phone or not, and what kind of authentication they are using.
- You will need to get a spread sheet list of users so that you can do bit of an audit, and monitor progress of the deployment.
- Open Up Windows Power Shell on your computer. Type or copy & paste:Connect-MsolService
- If you get command not recognized, install the needed module with command: Install-Module MSOnline
- A pop up with a login window will show up. Log in with the same credentials you use to login to the MS/O365 account for that client, that has administrator permissions.
- Copy and paste the following command:Get-MsolUser -All | Select-Object @{N=’UserPrincipalName’;E={$.UserPrincipalName}},@{N=’MFA Status’;E={if ($.StrongAuthenticationRequirements.State){$.StrongAuthenticationRequirements.State} else {“Disabled”}}},@{N=’MFA Methods’;E={$.StrongAuthenticationMethods.methodtype}} | Export-Csv -Path c:\MFA_Report.csv -NoTypeInformation
- The command will process a file and save it to the computer you are running the command from: c:\MFA_Report.csv open and save it to the folder as a xls file
Responses