Forum Discussion

StuartK73's avatar
StuartK73
Iron Contributor
Aug 06, 2019

Report Users with NO Alternative Authentication Phone

Hi All

 

Is it possible to create a report showing users with / without an Alternative Authentication Phone Number?

 

Info greatly appreciated

  • StuartK73 

     

    Can you try the below script to list all users without alternative auth phone number.

     

    $Result=@()
    $users = Get-MsolUser -All
    $users | ForEach-Object {
    $user = $_
    $alternativePhoneNumber = $user.StrongAuthenticationUserDetails.AlternativePhoneNumber
    if($alternativePhoneNumber -eq $null) { 
    $Result += New-Object PSObject -property @{ 
    UserName = $user.DisplayName
    UserPrincipalName = $user.UserPrincipalName
    }
    }
    }
    $Result | Select UserName,UserPrincipalName

    Or you can try below script to list only MFA enabled users without alternative auth phone.

    $Result=@()
    $users = Get-MsolUser -All | Where {$_.StrongAuthenticationMethods -ne $null -or $_.StrongAuthenticationRequirements.State -ne $nul}
    $users | ForEach-Object {
    $user = $_
    $alternativePhoneNumber = $user.StrongAuthenticationUserDetails.AlternativePhoneNumber
    if($alternativePhoneNumber -eq $null) { 
    $Result += New-Object PSObject -property @{ 
    UserName = $user.DisplayName
    UserPrincipalName = $user.UserPrincipalName
    }
    }
    }
    $Result | Select UserName,UserPrincipalName

Resources