Forum Discussion
Risks when enabling ADAL for Exchange Online and Skype
You are simply enabling another auth provider, it is not directly tied to MFA. As long as the client supports ADAL/Modern auth, it will follow the new auth process (with or without MFA), and if it does not support it, it will use the legacy method. Apart from some of the PowerShell modules and sme 3rd party apps, all apps should have proper support for Modern auth now.
I didn't experience any issues when enabling OAuth in my tenancy - apart from not being able to log in to my account when on a different users PC, which is to be expected.
The rollback is easy enough, though be sure to communicate the change to your users.
You are simply enabling another auth provider, it is not directly tied to MFA. As long as the client supports ADAL/Modern auth, it will follow the new auth process (with or without MFA), and if it does not support it, it will use the legacy method. Apart from some of the PowerShell modules and sme 3rd party apps, all apps should have proper support for Modern auth now.
VasilMichev sorry, just one more question before I test this out. According to the https://blogs.office.com/2015/11/19/updated-office-365-modern-authentication-public-preview/, connecting to Exchange Online via PowerShell is not currently supported. We have some automation tasks that work against Exchange Online and the Compliance Center and require unattended sign-in. Would you expect these to break once modern auth is enabled?
- Thanks! I'll test this out soon. My fear was that changing this setting might have some effect on users with current outlook profiles, or sign ins on mobile apps.
I only have MFA enabled on vendor accounts. Enabling MFA by itself did not change the user experience for non-MFA enabled user accounts.
