SOLVED
Home

TLS 1.2 Only Exchange Online PowerShell MFA module

%3CLINGO-SUB%20id%3D%22lingo-sub-811429%22%20slang%3D%22en-US%22%3ETLS%201.2%20Only%20Exchange%20Online%20PowerShell%20MFA%20module%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-811429%22%20slang%3D%22en-US%22%3E%3CP%3EI%20recently%20encountered%20a%20locked%20down%20environment%20and%20realized%20that%20I%20could%20not%20use%20the%20Exchange%20Online%20PowerShell%20module%20(with%20MFA)%20in%20the%20environment%20because%20TLS%201.0%20was%20blocked%20as%20a%20client%20protocol.%20I%20recreated%20the%20scenario%20in%20my%20environment%20and%20sure%20enough%2C%20as%20soon%20as%20TLS%201.0%20was%20enabled%20in%20the%20registry%20it%20would%20allow%20me%20to%20sign%20in.%20Is%20this%20expected%20behavior%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F127529iF2DD6A62708556C9%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-811429%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAuthentication%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-812063%22%20slang%3D%22en-US%22%3ERe%3A%20TLS%201.2%20Only%20Exchange%20Online%20PowerShell%20MFA%20module%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-812063%22%20slang%3D%22en-US%22%3E%3CP%3EAnswering%20my%20own%20question%20%3A)I%20needed%20to%20update%20my%20PowerShell%20session%20to%20require%20TLS%201.2%20and%20was%20good%20to%20go.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%23%20Check%20Protocol%20Settings%20in%20PS%20Session%3CBR%20%2F%3E%5BSystem.Net.ServicePointManager%5D%3A%3ASecurityProtocol%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%23%20Update%20to%20require%20TLS%201.2%3CBR%20%2F%3E%5BSystem.Net.ServicePointManager%5D%3A%3ASecurityProtocol%20%3D%20%5BSystem.Net.SecurityProtocolType%5D%3A%3ATls12%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
CAT_AndyP
New Contributor

I recently encountered a locked down environment and realized that I could not use the Exchange Online PowerShell module (with MFA) in the environment because TLS 1.0 was blocked as a client protocol. I recreated the scenario in my environment and sure enough, as soon as TLS 1.0 was enabled in the registry it would allow me to sign in. Is this expected behavior?

 

clipboard_image_0.png

1 Reply
Solution

Answering my own question :) I needed to update my PowerShell session to require TLS 1.2 and was good to go.

 

# Check Protocol Settings in PS Session
[System.Net.ServicePointManager]::SecurityProtocol

 

# Update to require TLS 1.2
[System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;

 

Related Conversations