hi
i have send my users the aka.ms/mfasetup url for enroll the MFA
is there a report that i can see if user was enrolled and i can add him to Conditional access ?
Create Report of azure mfa users that have been enroll
Powershell code below creates a csv with all users and if they are enrolled with the authentication method used
Install-Module MSOnline
Connect-MsolService
Get-MsolUser -All | Select-Object @{N='UserPrincipalName';E={$_.UserPrincipalName}},
@{N='MFA Status';E={if ($.StrongAuthenticationRequirements.State){$.StrongAuthenticationRequirements.State} else {"Disabled"}}},
@{N='MFA Methods';E={$_.StrongAuthenticationMethods.methodtype}} | Export-Csv -Path c:\MFA_Report.csv -NoTypeInformation
Your best option here is to use the Graph API: https://docs.microsoft.com/en-us/graph/api/resources/credentialuserregistrationdetails?view=graph-rest-beta
You can use below PowerShell cmdlets to get list of users with MFA Enabled:
Install-Module MSOnlineIf the module is not installed already.Connect-MsolServiceLogin with Global Admin account.Get-MsolUser -All | select DisplayName,BlockCredential,UserPrincipalName,@{N="MFA Status"; E={ if( $_.StrongAuthenticationRequirements.State -ne $null){ $_.StrongAuthenticationRequirements.State} else { "Disabled"}}}To get a list of users with MFA Enabled
Please "Accept as answer" wherever the information provided helps you to help others in the community.
Just check out this built-in Azure report, although it doesn't always seem to be up-to-date:
https://portal.azure.com/#blade/Microsoft_AAD_IAM/AuthMethodsOverviewBlade
6 people are following this question.
