MFA (Multi Factor Authentication) Authentication using PowerShell in SharePoint online

Now a day’s authentication is the most important factor in cloud environment. Many of the organizations are utilizing SharePoint Online as their Content Management System, it is basic that the delicate information does not slip into false hands. Therefore, Multi-Factor Authentication for Office 365 becomes possibly the most important factor. Multi-factor authentication, is a two-step process. In addition to passwords, users are expected to acknowledge a phone call/ text message to complete the verification process. One can enable Multi-Factor Authentication for a user by following these steps.

* Navigate to the Admin Portal through this link https://admin.microsoft.com/Adminportal



* Select the Active Users tab.

* Select a user, a new window will be open.

* Click on Manage multi-factor authentication link from more settings.

* Check on user account for which you want to enable MFA authentication and select enable option.

Or open admin centre with user for which you want to enable MFA authentication. Navigate to https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx

From the above figure you can see, we have successfully enabled multi factor authentication for user “test”

In our blog we will see how to work with MFA authentication using PowerShell. Basically, we provide user and password credentials in PowerShell script to retrieve client context object. If we will use same procedure with MFA enable user account it will show ‘Exception calling “Execute Query” with “0” argument(s): “The sign-in name or password does not match one in the Microsoft account system.”‘ while executing client context. In MFA authentication we use $authManager.GetWebLoginClientContext to retrieve context. Executing this line opens authentication window and ask for login credentials and acknowledged call/ text message to verify authentication from script.

Note: Make sure you have installed latest version SharePointPnPPowerShellOnline.msi in your system and added all dlls of latest versions. You can download

OfficeDevPnP.Core.dll,Microsoft.IdentityModel.Clients.ActiveDirectory.dll

package from these links.

https://www.nuget.org/packages/SharePointPnPCoreOnline/2.26.1805.1

https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/2.29.0

download packages , rename (add  .zip extension with it) and save it. Extract it to use dlls in scripts.

In this blog we are going to create a custom list with MFA authentication.

The code block for this is mentioned below.

try
{
$SiteURL = "http://portal/sites/site1"
$ListTitle = "NewList"

[System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.dll")
[System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.Runtime.dll")
[System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.IdentityModel.Clients.ActiveDirectory.dll")
[System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\OfficeDevPnP.Core.dll")

$authManager = new-object OfficeDevPnP.Core.AuthenticationManager;              
$Context = $authManager.GetWebLoginClientContext($SiteURL);    

#Retrieve lists

$Lists = $Context.Web.Lists
$Context.Load($Lists)
$Context.ExecuteQuery()

#Create list with "custom" list template

$ListInfo = New-Object Microsoft.SharePoint.Client.ListCreationInformation
$ListInfo.Title = $ListTitle
$ListInfo.TemplateType = "100"
$List = $Context.Web.Lists.Add($ListInfo)
$List.Description = "new list description"
$List.Update()
$Context.ExecuteQuery()
}
catch{
    Write-Host -ForegroundColor Red 'Error ', ':' $Error[0].ToString();
   
    sleep 10 

}

After code executed, custom list is created successfully in SharePoint site.

This solution is brought to you by our SharePoint professionals.

Softree Consulting employs SharePoint consultants; we are a technology services provider with the aim to help companies achieve exceptional performance through SharePoint. Our dedicated team of SharePoint consultants has the right bent of mind to understand and execute customer requirements.

Be it SPFx or SharePoint add-in developments, SharePoint 2019 developments, web part developments, migrating from SharePoint 2010/2013 to SharePoint 2013/2016/Office 365, Office 365, SharePoint hosted apps development or something else in SharePoint, we strive to deliver the best

Softree Consulting is an award-winning SharePoint consultancy that has been working with clients from across the globe to transform workplaces with tools and platforms from Microsoft technology. As a widely recognized organization, we are commonly approached to incorporate technical excellence and innovative design into all our customer actions.....

Site Footer