Forum Discussion
Risks when enabling ADAL for Exchange Online and Skype
You are simply enabling another auth provider, it is not directly tied to MFA. As long as the client supports ADAL/Modern auth, it will follow the new auth process (with or without MFA), and if it does not support it, it will use the legacy method. Apart from some of the PowerShell modules and sme 3rd party apps, all apps should have proper support for Modern auth now.
I didn't experience any issues when enabling OAuth in my tenancy - apart from not being able to log in to my account when on a different users PC, which is to be expected.
The rollback is easy enough, though be sure to communicate the change to your users.
- Is that because you have MFA enabled? We don't have this enabled yet, except for a few test users. Don you believe that if I make these changes that no one will notice a difference in sign in process?
You are simply enabling another auth provider, it is not directly tied to MFA. As long as the client supports ADAL/Modern auth, it will follow the new auth process (with or without MFA), and if it does not support it, it will use the legacy method. Apart from some of the PowerShell modules and sme 3rd party apps, all apps should have proper support for Modern auth now.
VasilMichev sorry, just one more question before I test this out. According to the https://blogs.office.com/2015/11/19/updated-office-365-modern-authentication-public-preview/, connecting to Exchange Online via PowerShell is not currently supported. We have some automation tasks that work against Exchange Online and the Compliance Center and require unattended sign-in. Would you expect these to break once modern auth is enabled?
I only have MFA enabled on vendor accounts. Enabling MFA by itself did not change the user experience for non-MFA enabled user accounts.
