Revoke/Require Registration MFA : Scripted

If you need to revoke all MFA sessions in Azure and then require the users to re-register, this is the script I use. It performs both the revoke and the require re-registration steps for the MFA service in Azure.

The CSV file contains the UPN of each user you wish to reset, one per row under a UserPrincipalName column header (the script reads that column by name). In my example, dirty.user@bears.cloud would be a valid UPN.

# Initiate a connection to Azure Active Directory.
Connect-MsolService

# Import the CSV file and reset the strong authentication method for each user principal name.
Import-Csv "C:\Data\MFAUsersStatus.csv" | ForEach-Object {

    $UserPrincipalName = $_."UserPrincipalName"

    # Revoke MFA sessions in Azure
    Reset-MsolStrongAuthenticationMethodByUpn -UserPrincipalName $UserPrincipalName

    # Require re-registration for MFA in Azure
    Set-MsolUser -UserPrincipalName $UserPrincipalName -StrongAuthenticationMethods @()

}
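
For a bulk reset it helps to know which accounts were actually changed. The variant below is an added example, not the original script: it checks that each UPN resolves before touching it, reads the account back afterwards, and writes a per-user audit CSV. The audit file path and the status labels are assumptions chosen for illustration.

```powershell
# Added example: validate, reset and audit in one pass.
# Assumption: the CSV has a UserPrincipalName header, as in the script above.
$CsvPath   = 'C:\Data\MFAUsersStatus.csv'
$AuditPath = 'C:\Data\MFAResetAudit.csv'   # hypothetical output file

Connect-MsolService

$results = foreach ($row in Import-Csv -Path $CsvPath) {
    $upn = "$($row.UserPrincipalName)".Trim()
    $entry = [ordered]@{
        UserPrincipalName = $upn
        MethodsBefore     = $null
        MethodsAfter      = $null
        Status            = 'Pending'
        Timestamp         = (Get-Date).ToUniversalTime().ToString('o')
    }
    try {
        if ([string]::IsNullOrWhiteSpace($upn)) { throw 'Empty UserPrincipalName in CSV row' }

        # Stop on a mistyped or deleted account instead of carrying on silently.
        $before = Get-MsolUser -UserPrincipalName $upn -ErrorAction Stop
        $entry.MethodsBefore = @($before.StrongAuthenticationMethods).Count

        Reset-MsolStrongAuthenticationMethodByUpn -UserPrincipalName $upn -ErrorAction Stop
        Set-MsolUser -UserPrincipalName $upn -StrongAuthenticationMethods @() -ErrorAction Stop

        # Read the account back to confirm no registered methods remain.
        $after = Get-MsolUser -UserPrincipalName $upn -ErrorAction Stop
        $entry.MethodsAfter = @($after.StrongAuthenticationMethods).Count
        $entry.Status = if ($entry.MethodsAfter -eq 0) { 'Reset' } else { 'MethodsRemain' }
    }
    catch {
        # Record the failure and continue with the next user.
        $entry.Status = "Failed: $($_.Exception.Message)"
    }
    [pscustomobject]$entry
}

# Keep a record of what was changed, then show anything that needs a second look.
$results | Export-Csv -Path $AuditPath -NoTypeInformation
$results | Where-Object Status -ne 'Reset' | Format-Table UserPrincipalName, Status -AutoSize
```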

Once complete, the next time the user logs in they will be taken through the registration process.

