Feedback by UserVoice

Fred

My feedback

  1. 3,234 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    141 comments  ·  Office 365 Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Fred commented  · 

    The steps are pretty clear in that exchangequery post I added some lines to give me and email confirmation:

    My PS code in the azure automation runbook:

    #Read in the value from the flow
    Param
    (
    [Parameter (Mandatory= $false)]

    [String] $name = ""
    )
    $UPN = $name+"@domainname"
    #connect with azure automation user
    $creds = Get-AutomationPSCredential -Name 'globalAdminUser'
    Connect-MsolService -Credential $creds

    #check status of the user
    $body = @()
    $body = $body+"User enabled already? (no output means no)"+(Get-MsolUser -UserPrincipalName $UPN).StrongAuthenticationRequirements
    $body += Write-output "-------------------------------------"

    #enable the user
    Import-Module MSOnline
    $st = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement
    $st.RelyingParty = "*"
    $st.State = "Enabled"
    $sta = @($st)
    Set-MsolUser -UserPrincipalName $UPN -StrongAuthenticationRequirements $sta

    #check and email out the status
    $body = $body+"Username is:"+$UPN
    $body += (Get-MsolUser -UserPrincipalName $UPN).StrongAuthenticationRequirements
    $body += "If 'Enabled' state you are good to go!"

    #email out results
    $body = $body | out-string
    Send-MailMessage -From "<from@blah>" -To "<email>", "<email>" -Subject "User MFA Enabled" -Body $body -SmtpServer "externally accessible email server"

    Fred commented  · 

    Thanks Ryan, Does that let people access the standard website GUI or some other way of accessing? I assigned the role to my user but no access (at least yet).
    https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx?

    Fred commented  · 

    I got the azure automation+flow working as per Paris Wells' comment link below, took a while to figure out but it works. thanks!

    Fred commented  · 

    Raj, have you tested this? doesn't work for me.

    Fred supported this idea  · 
  2. 97 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Fred supported this idea  · 
  3. 151 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Fred supported this idea  · 
  4. 17 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Office 365 Security & Compliance » Auditing  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
  5. 409 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    25 comments  ·  Office 365 Security & Compliance » Reports  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
  6. 18 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Fred shared this idea  · 
  7. 44 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Office 365 Admin » SharePoint Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
  8. 7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
    Fred commented  · 

    also if you turn on MFA you can't connect via powershell to some environments such as sharepoint and exchange online. connecting to AAD does work.

  9. 25 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
    Fred commented  · 

    Just like ignoring on prem account expiration, this is another major security issue with O365.

  10. 104 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    9 comments  ·  General » Users, Photos, Contacts  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
  11. 9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Office 365 Admin  ·  Flag idea as inappropriate…  ·  Admin →
    Fred commented  · 

    Just like ignoring on prem account expiration, this is another major security issue with O365

    Fred supported this idea  · 
  12. 421 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Fred supported this idea  · 
    Fred commented  · 

    I also agree this is a major flaw of O365 and needs to be added/checked by O365. We sync O365 via AD Connect, but are primarily managing user accounts via on prem AD.

  13. 60 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Office 365 Security & Compliance  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 
  14. 116 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Office 365 Security & Compliance » eDiscovery  ·  Flag idea as inappropriate…  ·  Admin →
    Fred supported this idea  · 

Feedback and Knowledge Base