Forum Discussion
Azure Automation connecting to Exchange with MFA enforced
I have a tenant with MFA a requirement for any account with elevated privileges. I can use Azure Automation PowerShell runbook for Azure AD using the service principal and certificate e.g. # Get ...
Chris Johnston The answer is deceptively simple....
I published a Runbook script to get you started with the initial connection, then you can add your own script form there on.
Chris Johnston The answer is deceptively simple....
I published a Runbook script to get you started with the initial connection, then you can add your own script form there on.
MichaelMardahl looking at the script comments the key is that the user account used, has never logged on, which then lets us bypass MFA. It has the feel of a loophole that may close at some point but many thanks for the post, I'll give this a go 🙂
- I got it from the official partner documentation 🙂
I am contemplating the issues. But for now I just configure a 50char password and put it away in a locked box.
If you wanna be REALLY secure. Then use the demo azure atomation script that connects securely to azure ad using a cert.
From there, create the user with my method.
The do your thing with exchange. And delete the user again! 🙂
Seems messy, but the odds of anyone being able to compromise the account in the few minutes it lives, are 0.00000000000001
