42 lines
1.6 KiB
PowerShell
42 lines
1.6 KiB
PowerShell
# Install the MSOnline module if it is not already installed
|
|
Install-Module -Name MSOnline -Force
|
|
|
|
# Connect to the MSOnline service
|
|
Connect-MsolService
|
|
|
|
# Retrieve all users, suppressing any errors by redirecting to $null
|
|
$AllUsers = Get-MsolUser -All 2>$null
|
|
|
|
# Container for MFA information
|
|
$MFAInfo = @()
|
|
|
|
# Loop through all users to check their MFA status
|
|
foreach ($user in $AllUsers) {
|
|
# Check if MFA is enabled by looking at StrongAuthenticationRequirements
|
|
if ($user.StrongAuthenticationRequirements.State -ne $null) {
|
|
$MFAInfo += [pscustomobject]@{
|
|
UserPrincipalName = $user.UserPrincipalName # User's UPN (email address)
|
|
DisplayName = $user.DisplayName # User's display name
|
|
MFAEnabled = $true # MFA is enabled
|
|
Method = "Conditional Access/MFA Policy" # MFA policy used
|
|
}
|
|
} else {
|
|
# If no MFA policy is found, mark MFA as disabled
|
|
$MFAInfo += [pscustomobject]@{
|
|
UserPrincipalName = $user.UserPrincipalName
|
|
DisplayName = $user.DisplayName
|
|
MFAEnabled = $false # MFA is not enabled
|
|
Method = "None" # No MFA method applied
|
|
}
|
|
}
|
|
}
|
|
|
|
# Define the path for the CSV file
|
|
$CsvFilePath = "C:\MFA_Overview.csv"
|
|
|
|
# Export the MFA data to a CSV file without including type information
|
|
$MFAInfo | Export-Csv -Path $CsvFilePath -NoTypeInformation
|
|
|
|
# Display a message indicating that the export was successful
|
|
Write-Host "MFA overview successfully exported to $CsvFilePath"
|