Add Add m365-users-mfa.ps1

2024-11-29 11:19:33 +01:00 · 2024-11-29 11:19:33 +01:00 · 8c35fa8a12
commit 8c35fa8a12
parent ec51f77ed1
1 changed files with 41 additions and 0 deletions
--- a/m365-users-mfa.ps1
+++ b/m365-users-mfa.ps1
@ -0,0 +1,41 @@
+# Install the MSOnline module if it is not already installed
+Install-Module -Name MSOnline -Force
+
+# Connect to the MSOnline service
+Connect-MsolService
+
+# Retrieve all users, suppressing any errors by redirecting to $null
+$AllUsers = Get-MsolUser -All 2>$null
+
+# Container for MFA information
+$MFAInfo = @()
+
+# Loop through all users to check their MFA status
+foreach ($user in $AllUsers) {
+    # Check if MFA is enabled by looking at StrongAuthenticationRequirements
+    if ($user.StrongAuthenticationRequirements.State -ne $null) {
+        $MFAInfo += [pscustomobject]@{
+            UserPrincipalName = $user.UserPrincipalName   # User's UPN (email address)
+            DisplayName       = $user.DisplayName         # User's display name
+            MFAEnabled        = $true                     # MFA is enabled
+            Method            = "Conditional Access/MFA Policy"  # MFA policy used
+        }
+    } else {
+        # If no MFA policy is found, mark MFA as disabled
+        $MFAInfo += [pscustomobject]@{
+            UserPrincipalName = $user.UserPrincipalName
+            DisplayName       = $user.DisplayName
+            MFAEnabled        = $false                    # MFA is not enabled
+            Method            = "None"                    # No MFA method applied
+        }
+    }
+}
+
+# Define the path for the CSV file
+$CsvFilePath = "C:\MFA_Overview.csv"
+
+# Export the MFA data to a CSV file without including type information
+$MFAInfo | Export-Csv -Path $CsvFilePath -NoTypeInformation
+
+# Display a message indicating that the export was successful
+Write-Host "MFA overview successfully exported to $CsvFilePath"