通过 PowerShell 启用没有旧 phone 编号的 O365 MFA
Enable O365 MFA with no old phone number via PowerSehll
我已经创建了 2 个用于启用和禁用 MFA 的 PowerShell 脚本,它可以工作,但是当我想删除 phone 号码时,禁用 MFA 脚本不会删除 phone 号码.所以当我再次为用户启用 MFA 时。旧号码还在
启用 MFA
Import-Module MSOnline
$Username = 'o365admin@xxx.onmicrosoft.com'
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username,$Password -ErrorAction Stop
Connect-MsolService -credential $credentials -ErrorAction Stop
$mfa = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement")
$mfa.RelyingParty = '*'
$mfa.RememberDevicesNotIssuedBefore = (Get-Date)
$auth = @($mfa)
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
禁用 MFA
Import-Module MSOnline
$Username = 'o365admin@xxx.onmicrosoft.com'
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username,$Password -ErrorAction Stop
Connect-MsolService -credential $credentials -ErrorAction Stop
$mfa = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement")
$mfa.RelyingParty = '*'
$mfa.RememberDevicesNotIssuedBefore = (Get-Date)
$auth = @()
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
我找到了自己的答案
此代码仅禁用 MFA 但不会删除 phone 数字等
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
我也必须添加这个以删除 phone 数字
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationMethods $auth"
所以代码看起来像:
Import-Module MSOnline
$Username = 'o365admin@xxx.onmicrosoft.com'
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username,$Password -ErrorAction Stop
Connect-MsolService -credential $credentials -ErrorAction Stop
$mfa = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement")
$mfa.RelyingParty = '*'
$mfa.RememberDevicesNotIssuedBefore = (Get-Date)
$auth = @()
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationMethods $auth"
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
我已经创建了 2 个用于启用和禁用 MFA 的 PowerShell 脚本,它可以工作,但是当我想删除 phone 号码时,禁用 MFA 脚本不会删除 phone 号码.所以当我再次为用户启用 MFA 时。旧号码还在
启用 MFA
Import-Module MSOnline
$Username = 'o365admin@xxx.onmicrosoft.com'
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username,$Password -ErrorAction Stop
Connect-MsolService -credential $credentials -ErrorAction Stop
$mfa = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement")
$mfa.RelyingParty = '*'
$mfa.RememberDevicesNotIssuedBefore = (Get-Date)
$auth = @($mfa)
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
禁用 MFA
Import-Module MSOnline
$Username = 'o365admin@xxx.onmicrosoft.com'
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username,$Password -ErrorAction Stop
Connect-MsolService -credential $credentials -ErrorAction Stop
$mfa = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement")
$mfa.RelyingParty = '*'
$mfa.RememberDevicesNotIssuedBefore = (Get-Date)
$auth = @()
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
我找到了自己的答案
此代码仅禁用 MFA 但不会删除 phone 数字等
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"
我也必须添加这个以删除 phone 数字
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationMethods $auth"
所以代码看起来像:
Import-Module MSOnline
$Username = 'o365admin@xxx.onmicrosoft.com'
$Password = ConvertTo-SecureString 'Password' -AsPlainText -Force
$credentials = new-object -typename System.Management.Automation.PSCredential -argumentlist $Username,$Password -ErrorAction Stop
Connect-MsolService -credential $credentials -ErrorAction Stop
$mfa = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement")
$mfa.RelyingParty = '*'
$mfa.RememberDevicesNotIssuedBefore = (Get-Date)
$auth = @()
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationMethods $auth"
Set-MsolUser -UserPrincipalName user@xxx.onmicrosoft.com -StrongAuthenticationRequirements $auth"