PowerShell and Modern Authentication

Modern Authentication is quite amazing, as it supports MFA and enhances security and does not send you login details across the network is basic authentication which is horrible, so as some background to this, when I used to connect to any Office 365 service I used to use this:

First I would import my Internet Explorer proxy settings, as I need to use one to connect to the internet, no native firewall access to the WWW, this is done by setting a variable called $ProxyOptions like this:

$ProxyOptions = New-PSSessionOption -ProxyAccessType ieconfig

Then you need to connect to in this example, Exchange Online using this:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection -SessionOption $ProxyOptions

Then you need to import the session variables into your Powershell session using this:

Import-PSSession $Session -AllowClobber

However that process means you get this appear:



Err not thanks, this is awful from a security point of view, does not support MFA and does not support modern authentication, so lets fix this issue right now......ditch the "old skool" commands and update you Powershell to this:

Set the proxy options again, as before

$ProxyOptions = New-PSSessionOption -ProxyAccessType ieconfig

If you dont have the module downloaded then install it like this:

Install-Module ExchangeOnlineManagement

Then you need to import it:

Import-Module ExchangeOnlineManagement

Then you need to connect, again this is for Exchange Online:

Connect-ExchangeOnline -UserPrincipalName chief.bear@grizzly.com -DelegatedOrganization grizzly.onmicrosoft.com -SessionOption $ProxyOptions

UPDATE :  -PSSessionOption $ProxyOptions

NOTE : obviously replace the variables -UserPrincipalName and -DelegateOrganization with your values and do not use the made up ones

Now you get the modern authentication, this is no much nicer and when we require Modern Authentication my logins will still work.