Check - User - AuthenticationPolicy

Copper Contributor

Hi all


I hope I am in the right place.


I have three different AuthenticationPolicy setup in Powershell. I have set the user AuthenticationPolicy using the below command
Set-User -Identity User -AuthenticationPolicy "Policy1"

I want to now check that the command successfully worked and I thought running the below command would show the policy a user is assigned to but this did not work:

Get-User -Identity LegacyUser


What command can I run that shows the users and their authentication policy they are assigned to?


Thanks You


2 Replies


Get-ADUser USERNAME -Properties AuthenticationPolicy | select AuthenticationPolicy,samaccountname

Get-User should show the policy:


get-user | ft Name, Auth*


If the field is empty, this means that the tenant-wide default policy is applied. You can check which is the default one via:


Get-OrganizationConfig | select -ExpandProperty DefaultAuthenticationPolicy