Scenario: You need to verify who has MFA configured and how does not. You are interested in knowing which MFA methods users are enrolled into as well.
Scritplet:
#Collect users
$users = get-msoluser -all
#Loop through all users and store in $Results
$results = @()
$users | sort userprincipalname | %{
$n = $_.userprincipalname
$A= $_.StrongAuthenticationMethods
If($A -ne $Null){
Write-Host "$N - Has MFA configured" -ForegroundColor Green
$A | %{
$obj = new-object psObject
$obj | Add-Member -membertype noteproperty -Name UPN -Value $n
$obj | Add-Member -membertype noteproperty -Name MFAConfigured -Value "Yes"
$obj | Add-Member -membertype noteproperty -Name IsDefault -Value $_.IsDefault
$obj | Add-Member -MemberType noteproperty -Name MethodType -Value $_.MethodType
$Results += $obj
}
}else{
Write-Host "$N - does not have MFA configured" -ForegroundColor Magenta
$obj = new-object psObject
$obj | Add-Member -membertype noteproperty -Name UPN -Value $n
$obj | Add-Member -membertype noteproperty -Name MFAConfigured -Value "No"
$obj | Add-Member -membertype noteproperty -Name IsDefault -Value "False"
$obj | Add-Member -MemberType noteproperty -Name MethodType -Value "MFANotConfigured"
$Results += $obj
}
$n = $null
$a = $null
}
#View Results
$results
#Export Results
$results | Export-csv c:\temp\MFAStatus.csv
Ex-Shell 