From 8c35fa8a12fecfdd22f3c18f2febb6713115a0f6 Mon Sep 17 00:00:00 2001 From: Ivo Oskamp Date: Fri, 29 Nov 2024 11:19:33 +0100 Subject: [PATCH] Add Add m365-users-mfa.ps1 --- Add m365-users-mfa.ps1 | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 Add m365-users-mfa.ps1 diff --git a/Add m365-users-mfa.ps1 b/Add m365-users-mfa.ps1 new file mode 100644 index 0000000..dc629e6 --- /dev/null +++ b/Add m365-users-mfa.ps1 @@ -0,0 +1,41 @@ +# Install the MSOnline module if it is not already installed +Install-Module -Name MSOnline -Force + +# Connect to the MSOnline service +Connect-MsolService + +# Retrieve all users, suppressing any errors by redirecting to $null +$AllUsers = Get-MsolUser -All 2>$null + +# Container for MFA information +$MFAInfo = @() + +# Loop through all users to check their MFA status +foreach ($user in $AllUsers) { + # Check if MFA is enabled by looking at StrongAuthenticationRequirements + if ($user.StrongAuthenticationRequirements.State -ne $null) { + $MFAInfo += [pscustomobject]@{ + UserPrincipalName = $user.UserPrincipalName # User's UPN (email address) + DisplayName = $user.DisplayName # User's display name + MFAEnabled = $true # MFA is enabled + Method = "Conditional Access/MFA Policy" # MFA policy used + } + } else { + # If no MFA policy is found, mark MFA as disabled + $MFAInfo += [pscustomobject]@{ + UserPrincipalName = $user.UserPrincipalName + DisplayName = $user.DisplayName + MFAEnabled = $false # MFA is not enabled + Method = "None" # No MFA method applied + } + } +} + +# Define the path for the CSV file +$CsvFilePath = "C:\MFA_Overview.csv" + +# Export the MFA data to a CSV file without including type information +$MFAInfo | Export-Csv -Path $CsvFilePath -NoTypeInformation + +# Display a message indicating that the export was successful +Write-Host "MFA overview successfully exported to $CsvFilePath"