Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

how to enable azure ad MFA using powershell and UPN list in csv file

Steel Contributor

how to enable azure ad MFA using powershell and UPN list in csv file?

 

thanks

2 Replies

There are sample steps here: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates#change-s...

All you need to do is change the $users line to import the CSV.

 

Or look up an ready-to-use script online, I'm sure there are few avaialble.

best response confirmed by Marvin Oco (Steel Contributor)
Solution

 

HOW TO ENABLE OFFICE 365 MFA USING POWERSHELL AND CSV FILE

 

  1. CREATE CSV FILE WITH HEADER "UserPrincipalName”

 

 

UserPrincipalName

user1@contoso.com

user2@contoso.com

user3@contoso.com

user4@contoso.com

user5@contoso.com

user6@contoso.com

user7@contoso.com

user8@contoso.com

user9@contoso.com

user10@contoso.com

 

2.       Run  script BELOW (change the path and name of your csv file)

 

Connect-MsolService

 

$users = Import-Csv C:\Users\csv \enablemfa.csv

 

foreach ($user in $users)

 

{

    $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement

    $st.RelyingParty = "*"

    $st.State = "Enabled"

    $sta = @($st)

    Set-MsolUser -UserPrincipalName $user.UserPrincipalName -StrongAuthenticationRequirements $sta

}

 

Write-Host "DONE RUNNING SCRIPT"

 

Read-Host -Prompt "Press Enter to exit"

 

1 best response

Accepted Solutions
best response confirmed by Marvin Oco (Steel Contributor)
Solution

 

HOW TO ENABLE OFFICE 365 MFA USING POWERSHELL AND CSV FILE

 

  1. CREATE CSV FILE WITH HEADER "UserPrincipalName”

 

 

UserPrincipalName

user1@contoso.com

user2@contoso.com

user3@contoso.com

user4@contoso.com

user5@contoso.com

user6@contoso.com

user7@contoso.com

user8@contoso.com

user9@contoso.com

user10@contoso.com

 

2.       Run  script BELOW (change the path and name of your csv file)

 

Connect-MsolService

 

$users = Import-Csv C:\Users\csv \enablemfa.csv

 

foreach ($user in $users)

 

{

    $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement

    $st.RelyingParty = "*"

    $st.State = "Enabled"

    $sta = @($st)

    Set-MsolUser -UserPrincipalName $user.UserPrincipalName -StrongAuthenticationRequirements $sta

}

 

Write-Host "DONE RUNNING SCRIPT"

 

Read-Host -Prompt "Press Enter to exit"

 

View solution in original post