-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathSet-O365MFAOptions.ps1
67 lines (60 loc) · 2.33 KB
/
Set-O365MFAOptions.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
function Set-O365MFAOptions {
[CmdletBinding()]
param (
[Parameter(Mandatory)]
[String]
$User,
[ValidateSet ("SMS", "Voice", "OTP", "Authenticator")]
[String[]]
$MFAType = "SMS"
)
begin {
# Connect to MSOnline if a valid connection does not exist
if (-not (Test-MSOLConnection)) {
Connect-MsolService
}
}
process {
$MFA_Options = @()
# Set MFA Options
foreach ($Option in $MFA_Type)
{
switch ($Option){
"SMS"
{
$MFA_SMS = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationMethod
$MFA_SMS.IsDefault = $true
$MFA_SMS.MethodType = "OneWaySMS"
Write-Host "OneWaySMS"
$MFA_Options += $MFA_SMS
}
"Voice"
{
$MFA_Voice = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationMethod
$MFA_Voice.IsDefault = $false
$MFA_Voice.MethodType = "TwoWayVoiceMobile"
Write-Host "TwoWayVoiceMobile"
$MFA_Options += $MFA_Voice
}
"OTP"
{
$MFA_OTP = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationMethod
$MFA_OTP.IsDefault = $false
$MFA_OTP.MethodType = "PhoneAppOTP"
write-Host "OTP"
$MFA_Options += $MFA_OTP
}
"Authenticator"
{
$MFA_Authenticator = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationMethod
$MFA_Authenticator.IsDefault = $false
$MFA_Authenticator.MethodType = "PhoneAppNotification"
Write-Host "Authenticator"
$MFA_Options += $MFA_Authenticator
}
}
# Set MFA Options on account
Set-MsolUser -Userprincipalname $User -StrongAuthenticationMethods $MFA_Options -Verbose
}
}
}