-
Notifications
You must be signed in to change notification settings - Fork 0
/
BulkUpdateUsersMFASetting.txt
78 lines (62 loc) · 2.17 KB
/
BulkUpdateUsersMFASetting.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#Check MSOnline Module
if(!(get-module msonline))
{
install-module msonline -Confirm:$false
}
#Upgrade MSOnline Module
import-module msonline
#Display Successd
write-host "Enter Azure credentials to connect Azure AD" -ForegroundColor yellow
#Connect to Azure AD
Connect-MsolService
#Import CSV Data, csv data is Username and MFA Statu
$users = Import-Csv 'Path\BulkUpdateMFASampleFile.csv'
#Setting MFA
foreach ($user in $users)
{
#Get CSV Data
$NewState= $user.'MFA Status'
#Check List
if($NewState -eq "Enabled")
{
#Enabled MFA
$st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
$st.RelyingParty = "*"
$st.State = $NewState
$sta = @($st)
Set-MsolUser -UserPrincipalName $user.Username -StrongAuthenticationRequirements $sta
#Check User MFA
$CurrentState = (Get-MsolUser -UserPrincipalName $user.Username | Select -ExpandProperty StrongAuthenticationRequirements).state
#Display Result
if($CurrentState -eq "Enabled" -or $CurrentState -eq "Enforced")
{
write-host "Current state of MFA for user $user is - Done" -ForegroundColor Green
}
else
{
write-host "Current state of MFA for user $user is - Fail" -ForegroundColor Red
}
}
else
{
#Disabled MFA
$cfa = @()
Set-MsolUser -UserPrincipalName $user.Username -StrongAuthenticationRequirements $cfa
#Check User MFA
$CurrentState = (Get-MsolUser -UserPrincipalName $user.Username | Select -ExpandProperty StrongAuthenticationRequirements).state
#Display Result
if($CurrentState -eq "Enabled" -or $CurrentState -eq "Enforced")
{
write-host "Current state of MFA for user $user is Fail" -ForegroundColor Red
}
else
{
write-host "Current state of MFA for user $user is Done" -ForegroundColor Green
}
}
}
#Export MFA result
$MFAStatu=Get-MsolUser -All | Select UserPrincipalName, @{N="Statu"; E={$_.StrongAuthenticationRequirements.State}}
$MFAStatu | Export-Csv -Path 'Path\MFAStatu.csv' -NoTypeInformation -Encoding UTF8
#Logout
Disconnect-AzureAD