Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <############
- Run this script and use your email credentials, and then all client tenants that have delegated access in the partner portal with your account credentials.
- ############>
- ## Create 2FA Audit folder if it doesn't exist
- if(Test-Path "C:\2FAAudit" -PathType Container){} else {New-Item -Path "C:\" -Name "2FAAudit" -ItemType "directory"}
- if(Test-Path "C:\SKU" -PathType Container){} else {New-Item -Path "C:\" -Name "SKU" -ItemType "directory"}
- Connect-MsolService -Credential $cred
- # Get list of tenants
- Get-MsolPartnerContract -All | ForEach {
- # Get all users in an office 365 tenant
- Write-Host ($_.Name) -ForegroundColor Green
- $tenant = $_.DefaultDomainName # This determines the filename of the csv
- ## Export list of Licensed Users and 2FA Status
- Get-MsolUser -TenantId $_.TenantId.Guid -EnabledFilter EnabledOnly -MaxResults 2000 | Where-Object { $_.isLicensed -eq "TRUE" } | select DisplayName,@{N='Email';E={$_.UserPrincipalName}},@{n="Licenses";e={$_.Licenses.AccountSKUid}},@{N='2FA';E={($_ | Select -ExpandProperty StrongAuthenticationRequirements)}} | Export-Csv C:\2FAAudit\$tenant`.csv
- ## Export list Administrators and 2FA status, this doubles up if there are licensed administrators.
- Get-MsolRoleMember -TenantId $_.TenantId.Guid -RoleObjectId $(Get-MsolRole -RoleName "Company Administrator").ObjectId | select DisplayName,@{N='Email';E={$_.EmailAddress}},@{n="Licenses";e={$_.Licenses.AccountSKUid}},@{N='2FA';E={($_ | Select -ExpandProperty StrongAuthenticationRequirements)}} | Export-Csv C:\2FAAudit\$tenant`.csv -Append
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement