diff --git a/Export MFA Status Report using MS Graph/GetMFAStatusReport.ps1 b/Export MFA Status Report using MS Graph/GetMFAStatusReport.ps1 index 4f491b7..b0b4b43 100644 --- a/Export MFA Status Report using MS Graph/GetMFAStatusReport.ps1 +++ b/Export MFA Status Report using MS Graph/GetMFAStatusReport.ps1 @@ -1,4 +1,26 @@ - +<# +============================================================================================= +Name: Export Office 365 users' MFA status using Microsoft Graph PowerShell +Description: This script exports O365 users MFA status report to CSV file +Version: 1.0 +Website: o365reports.com +Script by: O365Reports Team + +Script Highlights : +~~~~~~~~~~~~~~~~~ + +1. The script exports MFA status for all users. +2. You can filter results based on MFA status. I.e., you can export MFA enabled/disabled users separately. +3. Exports report to CSV file +4. You can filter the result to display Licensed users alone. +5. You can generate MFA report for sign-in allowed users only. +6. Shows MFA registration done through Conditional Access and Security Defaults too. +7. Automatically installs Microsoft Graph PowerShell module (if not installed already) upon your confirmation. + + +For detailed script execution: https://o365reports.com/2022/04/27/get-mfa-status-of-office-365-users-using-microsoft-graph-powershell +============================================================================================ +#> Param ( [Parameter(Mandatory = $false)] @@ -12,21 +34,22 @@ Param Function Connect_MgGraph { #Check for module installation - $Module=Get-Module -Name microsoft.graph -ListAvailable - if($Module.count -eq 0) + $MsGraphBetaModule = Get-Module Microsoft.Graph.Beta -ListAvailable + if($MsGraphBetaModule -eq $null) { - Write-Host Microsoft Graph PowerShell SDK is not available -ForegroundColor yellow - $Confirm= Read-Host Are you sure you want to install module? [Y] Yes [N] No - if($Confirm -match "[yY]") - { - Write-host "Installing Microsoft Graph PowerShell module..." - Install-Module Microsoft.Graph -Repository PSGallery -Scope CurrentUser -AllowClobber -Force - } - else - { - Write-Host "Microsoft Graph PowerShell module is required to run this script. Please install module using Install-Module Microsoft.Graph cmdlet." - Exit - } + Write-host "Important: Microsoft Graph Beta module is unavailable. It is mandatory to have this module installed in the system to run the script successfully." + $confirm = Read-Host Are you sure you want to install Microsoft Graph Beta module? [Y] Yes [N] No + if($confirm -match "[yY]") + { + Write-host "Installing Microsoft Graph Beta module..." + Install-Module Microsoft.Graph.Beta -Scope CurrentUser -AllowClobber + Write-host "Microsoft Graph Beta module is installed in the machine successfully" -ForegroundColor Magenta + } + else + { + Write-host "Exiting. `nNote: Microsoft Graph Beta module must be available in your system to run the script" -ForegroundColor Red + Exit + } } #Disconnect Existing MgGraph session if($CreateSession.IsPresent) @@ -34,11 +57,11 @@ Function Connect_MgGraph Disconnect-MgGraph } #Connecting to MgGraph beta - Select-MgProfile -Name beta Write-Host Connecting to Microsoft Graph... Connect-MgGraph -Scopes "User.Read.All","UserAuthenticationMethod.Read.All" } Connect_MgGraph +Write-Host "`nNote: If you encounter module related conflicts, run the script in a fresh PowerShell window.`n" -ForegroundColor Yellow if((Get-MgContext) -ne "") { Write-Host Connected to Microsoft Graph PowerShell using (Get-MgContext).Account account -ForegroundColor Yellow @@ -51,7 +74,7 @@ $ExportCount=0 $Results=@() #Get all users -Get-MgUser -All -Filter "UserType eq 'Member'" | foreach { +Get-MgBetaUser -All -Filter "UserType eq 'Member'" | foreach { $ProcessedUserCount++ $Name= $_.DisplayName $UPN=$_.UserPrincipalName @@ -76,7 +99,7 @@ Get-MgUser -All -Filter "UserType eq 'Member'" | foreach { $MFAPhone="-" $MicrosoftAuthenticatorDevice="-" Write-Progress -Activity "`n Processed users count: $ProcessedUserCount "`n" Currently processing user: $Name" - [array]$MFAData=Get-MgUserAuthenticationMethod -UserId $UPN + [array]$MFAData=Get-MgBetaUserAuthenticationMethod -UserId $UPN $AuthenticationMethod=@() $AdditionalDetails=@() @@ -196,7 +219,7 @@ Get-MgUser -All -Filter "UserType eq 'Member'" | foreach { if((Test-Path -Path $ExportCSV) -eq "True") { Write-Host `nThe output file contains $ExportCount users. - Write-Host `nThe Output file available in the current working directory with name: $ExportCSV -ForegroundColor Green + Write-Host `nThe Output file available in the current working directory with name: -NoNewline -Foregroundcolor Yellow; Write-Host $ExportCSV Write-Host `n"For more Microsoft 365 PowerShell scripts, visit: https://o365reports.com" $Prompt = New-Object -ComObject wscript.shell $UserInput = $Prompt.popup("Do you want to open output file?",` @@ -208,13 +231,7 @@ if((Test-Path -Path $ExportCSV) -eq "True") } else { - Write-Host No users found + Write-Host No users found. } - - <# -============================================================================================= -Name: Export Office 365 users' MFA status using Microsoft Graph PowerShell -Website: o365reports.com -For detailed script execution: https://o365reports.com/2022/04/27/get-mfa-status-of-office-365-users-using-microsoft-graph-powershell -============================================================================================ -#> \ No newline at end of file + Write-Host `n~~ Script prepared by AdminDroid Community ~~`n -ForegroundColor Green + Write-Host "~~ Check out " -NoNewline -ForegroundColor Green; Write-Host "admindroid.com" -ForegroundColor Yellow -NoNewline; Write-Host " to get access to 1800+ Microsoft 365 reports. ~~" -ForegroundColor Green `n`n \ No newline at end of file