-
Notifications
You must be signed in to change notification settings - Fork 5.4k
/
Copy pathGet-CIPPAlertMFAAlertUsers.ps1
26 lines (22 loc) · 1.13 KB
/
Get-CIPPAlertMFAAlertUsers.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
function Get-CIPPAlertMFAAlertUsers {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
Param (
[Parameter(Mandatory = $false)]
[Alias('input')]
$InputValue,
$TenantFilter
)
try {
$users = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?`$top=999&filter=IsAdmin eq false and isMfaRegistered eq false and userType eq 'member'&`$select=userPrincipalName,lastUpdatedDateTime,isMfaRegistered,IsAdmin" -tenantid $($TenantFilter) -AsApp $true | Where-Object { $_.userDisplayName -ne 'On-Premises Directory Synchronization Service Account' }
if ($users.UserPrincipalName) {
$AlertData = "The following $($users.Count) users do not have MFA registered: $($users.UserPrincipalName -join ', ')"
Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData
}
} catch {
Write-LogMessage -message "Failed to check MFA status for all users: $($_.exception.message)" -API 'MFA Alerts - Informational' -tenant $TenantFilter -sev Info
}
}