Start Windows PowerShell as administrator and run the cmdlet Connect-MsolService. Connect to Azure Active Directoryīefore we can proceed further and get the MFA status for all the users, we need to install and connect to Azure AD with PowerShell (MsolService).
In the next step, we will show how to create an MFA report. Is there a better way to have an insight into the MFA instead of the Microsoft 365 page? Yes, there is, and that’s when PowerShell will come to the rescue. That’s because Microsoft did not provide a way for that. The PowerShell script can’t identity the MFA status if it’s enabled through Security Defaults (see the last step of how to disable) or Conditional Access. If you see that MFA is enabled or enforced, it does not mean that MFA is configured. It does not indicate which MFA authorization option the user enabled.Not shown if the users did finish the MFA process.
Why we do not recommend you to use the multi-factor authentication web page for information: In our example, we have a couple of users MFA enabled, and MFA enforced. Navigate to Users > Active Users > Multi-factor authentication.Ī new page will open, and it will show all the users and their multi-factor auth status. Let’s have a look at Microsoft 365 and check the MFA user status.