Forum Discussion

sachin011390's avatar
sachin011390
Copper Contributor
Sep 06, 2021

Manage M365 MFA setting using Powershell

I am enforcing Multi-Factor Authentication for all my M365 users (azure ad plan 2) and it works as expected. Ability to set exceptions when users work from particular branch offices too works as expe...
MFA
sachin011390's avatar
sachin011390
Copper Contributor
Sep 06, 2021

pvanberlothanks. but i want to set IP based exceptions only. not interested in conditional access in this case.

pvanberlo's avatar
pvanberlo
MCT
Sep 06, 2021

sachin011390 I understand what you're saying, however, Microsoft actually recommends using Azure AD Conditional Access for MFA purposes nowadays. I do not believe there is a programmatic or PowerShell way to change the "trusted IPs for per user MFA" and the portal is the only way to manage this interactively.

  • MikeCrowley's avatar
    MikeCrowley
    Iron Contributor
    Sep 26, 2021
    Trusted IPs all come over to conditional access as the "mfa trusted ips" named location. you can interact with named locations.
    e.g.
    New-MgIdentityConditionalAccessNamedLocation
    https://docs.microsoft.com/en-us/powershell/module/microsoft.graph.identity.signins/new-mgidentityconditionalaccessnamedlocation?view=graph-powershell-beta

Resources