templintek
Jul 12, 2024

User Authentication Method last used date

We have an issue with our users getting the latest iPhone and never notifying IT that they have turned in the old one. This means that the old device is still registered in our system as a valid MFA method for the user. I would like to run a script that would tell me per user, their MFA methods and the last time they used it, or even better the last time that device checked in. The goal would be to delete any devices that have not been used or checked in for over a year as a starting point.

 

Running Get-MgBetaUserAuthenticationMethod -UserId $UserID | Select * -ExpandProperty AdditionalProperties

 

There is only Create date / Time not usage. Do I need to be looking anywhere else?

1 Reply

  • templintek 

     

    Seems Get-MgBetaUserAuthenticationMethod cannot meet your requirement, try below:

     

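    # Requires the MSOnline module and an active Connect-MsolService session.
    # Lists every user with their per-user MFA state, or "Disabled" when none is set.
    Get-MsolUser -All | Select-Object DisplayName, UserPrincipalName, @{
        Name = "MFA Status"
        Expression = {
            if ($_.StrongAuthenticationRequirements.State) {
                $_.StrongAuthenticationRequirements.State
            } else {
                "Disabled"
            }
        }
    }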
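
An added example, not part of the original thread and not Microsoft's code: because the method listing in the question exposes only a creation date, one triage heuristic is to flag registrations created over a year ago that the same user has since replaced with a newer registration of the same method type. The flattened record shape, the helper name `Get-SupersededMfaMethod` and the sample data are assumptions constructed for illustration; real input would be built per user from the `Get-MgBetaUserAuthenticationMethod` output.

```powershell
# Constructed sample data (not real tenant output). Each record is one registered
# method flattened to: owner, @odata.type, device display name, createdDateTime.
$auth = '#microsoft.graph.microsoftAuthenticatorAuthenticationMethod'
$sampleMethods = @(
    [pscustomobject]@{ User = 'alice@contoso.example'; Type = $auth; DisplayName = 'iPhone 12'; Created = '2022-03-01T10:00:00Z' }
    [pscustomobject]@{ User = 'alice@contoso.example'; Type = $auth; DisplayName = 'iPhone 15'; Created = '2024-05-20T08:30:00Z' }
    [pscustomobject]@{ User = 'alice@contoso.example'; Type = '#microsoft.graph.passwordAuthenticationMethod'; DisplayName = $null; Created = $null }
    [pscustomobject]@{ User = 'bob@contoso.example';   Type = $auth; DisplayName = 'iPhone 11'; Created = '2021-01-15T12:00:00Z' }
    [pscustomobject]@{ User = 'carol@contoso.example'; Type = $auth; DisplayName = 'Pixel 7';   Created = '2023-11-02T09:00:00Z' }
    [pscustomobject]@{ User = 'carol@contoso.example'; Type = $auth; DisplayName = 'Pixel 8';   Created = '2024-06-10T09:00:00Z' }
)

# Hypothetical helper: returns registrations older than $MinAgeDays that the same
# user has since replaced with a newer registration of the same method type.
function Get-SupersededMfaMethod {
    param(
        [Parameter(Mandatory)] [object[]] $Method,
        [int] $MinAgeDays = 365,
        [datetimeoffset] $AsOf = [datetimeoffset]::UtcNow
    )
    $cutoff = $AsOf.AddDays(-$MinAgeDays)
    $Method |
        Where-Object { $_.Created } |                 # skip entries with no creation date
        Group-Object -Property User, Type |
        ForEach-Object {
            $ordered = @($_.Group | Sort-Object { [datetimeoffset]$_.Created } -Descending)
            $newest  = $ordered[0]
            # Never report the newest entry: the user may have nothing else of that type.
            $ordered | Select-Object -Skip 1 |
                Where-Object { [datetimeoffset]$_.Created -lt $cutoff } |
                ForEach-Object {
                    [pscustomobject]@{
                        User         = $_.User
                        Method       = ($_.Type -split '\.')[-1]
                        DisplayName  = $_.DisplayName
                        Created      = $_.Created
                        AgeDays      = [math]::Floor($AsOf.Subtract([datetimeoffset]$_.Created).TotalDays)
                        SupersededBy = $newest.DisplayName
                    }
                }
        }
}

# Fixed reference date so the sample result is reproducible.
Get-SupersededMfaMethod -Method $sampleMethods -AsOf '2024-07-12T00:00:00Z' | Format-Table -AutoSize
```

With the sample data only alice's older registration is returned; bob's single old registration is left alone because removing it could lock him out. Creation date is not usage data, so the output is a review list, not a deletion list.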

     
