Check - User - AuthenticationPolicy

%3CLINGO-SUB%20id%3D%22lingo-sub-1700844%22%20slang%3D%22en-US%22%3ECheck%20-%20User%20-%20AuthenticationPolicy%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1700844%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20hope%20I%20am%20in%20the%20right%20place.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20three%20different%26nbsp%3BAuthenticationPolicy%20setup%20in%20Powershell.%20I%20have%20set%20the%20user%20AuthenticationPolicy%20using%20the%20below%20command%3CBR%20%2F%3ESet-User%20-Identity%20User%20-AuthenticationPolicy%20%22Policy1%22%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3CP%3EI%20want%20to%20now%20check%20that%20the%20command%20successfully%20worked%20and%20I%20thought%20running%20the%20below%20command%20would%20show%20the%20policy%20a%20user%20is%20assigned%20to%20but%20this%20did%20not%20work%3A%3C%2FP%3E%3CP%3EGet-User%20-Identity%20LegacyUser%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20command%20can%20I%20run%20that%20shows%20the%20users%20and%20their%20authentication%20policy%20they%20are%20assigned%20to%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20You%3C%2FP%3E%3CP%3ECha%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1700844%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAuthentication%20Policy%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAuthenticationPolicy%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EPowerShell%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1700883%22%20slang%3D%22en-US%22%3ERe%3A%20Check%20-%20User%20-%20AuthenticationPolicy%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1700883%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F804978%22%20target%3D%22_blank%22%3E%40VolumeCHA%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EGet-ADUser%20USERNAME%20-Properties%20AuthenticationPolicy%20%7C%20select%20AuthenticationPolicy%2Csamaccountname%3C%2FSTRONG%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

Hi all

 

I hope I am in the right place.

 

I have three different AuthenticationPolicy setup in Powershell. I have set the user AuthenticationPolicy using the below command
Set-User -Identity User -AuthenticationPolicy "Policy1"

I want to now check that the command successfully worked and I thought running the below command would show the policy a user is assigned to but this did not work:

Get-User -Identity LegacyUser

 

What command can I run that shows the users and their authentication policy they are assigned to?

 

Thanks You

Cha

2 Replies

@VolumeCHA 

Get-ADUser USERNAME -Properties AuthenticationPolicy | select AuthenticationPolicy,samaccountname

Highlighted

Get-User should show the policy:

 

get-user | ft Name, Auth*

 

If the field is empty, this means that the tenant-wide default policy is applied. You can check which is the default one via:

 

Get-OrganizationConfig | select -ExpandProperty DefaultAuthenticationPolicy