Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/powershell/11.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Powershell 如何构造一个脚本来检查Azure Tentant并为管理员启用MFA?_Powershell_Azure Active Directory_Multi Factor Authentication_O365security Compliance - Fatal编程技术网
Fatal编程技术网
  • powershell/
  • Powershell 如何构造一个脚本来检查Azure Tentant并为管理员启用MFA?

Powershell 如何构造一个脚本来检查Azure Tentant并为管理员启用MFA?

powershell azure-active-directory

Powershell 如何构造一个脚本来检查Azure Tentant并为管理员启用MFA?,powershell,azure-active-directory,multi-factor-authentication,o365security-compliance,Powershell,Azure Active Directory,Multi Factor Authentication,O365security Compliance,你好,堆栈溢出 我遇到了以下问题。 我正在尝试创建一个脚本,该脚本将检查O365租户上存在哪些管理员帐户,并自动为他们启用MFA,以便他们下次登录时将提示设置MFA 以下代码如下所示: $mfa1=Get-MsolUser |选择对象UserPrincipalName、StrongAuthenticationMethods、StrongAuthenticationRequirements |其中对象{$\ UserPrincipalName-notin$exclude} } 让我知道我错在哪里,

你好,堆栈溢出

我遇到了以下问题。 我正在尝试创建一个脚本,该脚本将检查O365租户上存在哪些管理员帐户,并自动为他们启用MFA,以便他们下次登录时将提示设置MFA

以下代码如下所示:

$mfa1=Get-MsolUser |选择对象UserPrincipalName、StrongAuthenticationMethods、StrongAuthenticationRequirements |其中对象{$\ UserPrincipalName-notin$exclude}

}

让我知道我错在哪里,我已经在几乎所有的互联网上搜索了一个解决方案,而不必从CSV上传用户

提前谢谢

似乎您遇到了一些问题,但是下面基于您的代码的代码对我来说非常适合

对于快速测试,我指定一个用户来完成此过程:

$mfa1 = Get-MsolUser | Select-Object UserPrincipalName,StrongAuthenticationMethods,StrongAuthenticationRequirements | Where-object {$_.UserPrincipalName -eq  '<User Principal Name>' }
foreach ($item in $mfa1) {
#if there is no StrongAuthenticationMethods, enable MFA
if ($item.StrongAuthenticationMethods.Count -eq 0){
    $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
    $st.RelyingParty = "*"
    #here is the issue that you can't set MFA successfully, the value should be "Enabled"
    $st.State = "Enabled"
    $sta = @($st)
    Set-MsolUser -UserPrincipalName $item.UserPrincipalName -StrongAuthenticationRequirements $sta
    Write-Host "test1"
}
else {
    Write-Host "test2"
    }
}
当用户启用MFA并设置MFA方法时:

当用户没有MFA方法时:

如果您还有任何问题,请与我联系。

如果您要查找未启用的用户,则应使用$null-eq$item.StrongAuthenticationMethods或$item.StrongAuthenticationMethods.Count-eq 0抱歉,但为了测试这一点,我将状态设置为禁用,但为了在页面中发布,我更改了,但忘记将-ne更改为-eq:the$item.UserPrincipalName不受foreach函数的欢迎,错误:set-MsolUser:参数的值无效。参数名称:StrongAuthenticationRequirements。第13行字符:9+设置MsolUser-UserPrincipalName$item.UserPrincipalName-Stro…+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~类别信息:OperationsToping::[Set-MsolUser],MicrosoftOnlineException+FullyQualifiedErrorId:Microsoft.Online.Administration.Automation.PropertyValidationException,Microsoft.Online.Administration.Automation。SetUser@skitter,我已更新我的answer@skitter怎么样?你的问题解决了吗? 
$mfa1 = Get-MsolUser | Select-Object UserPrincipalName,StrongAuthenticationMethods,StrongAuthenticationRequirements | Where-object {$_.UserPrincipalName -eq  '<User Principal Name>' }
foreach ($item in $mfa1) {
#if there is no StrongAuthenticationMethods, enable MFA
if ($item.StrongAuthenticationMethods.Count -eq 0){
    $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
    $st.RelyingParty = "*"
    #here is the issue that you can't set MFA successfully, the value should be "Enabled"
    $st.State = "Enabled"
    $sta = @($st)
    Set-MsolUser -UserPrincipalName $item.UserPrincipalName -StrongAuthenticationRequirements $sta
    Write-Host "test1"
}
else {
    Write-Host "test2"
    }
}