I was recently contacted to do some automation around Re-register MFA.
There is a GUI Option for it by going to Azure Active Directory, Selecting the user Authentication methods and pushing Require Re-Register MFA button as shown in below screenshot.
When you hit this option as admin on user profile in Azure AD and user will then launch MFA setup link it will start the registration process that he initially did.
Otherwise if you are already registered and go to that link, it will launch security-info
This pushing of registration is sometime required when user lost his phone, or some other issue happened, and user want to register again for MFA.
Now if you want to achieve the same thing utilizing PowerShell magic, here is what you have to do.
Although MSOnline Module is old but it still easily solves many of these purposes.
Install the MSOnline Module from PowerShell Gallery:
Install-Module -Name MSOnline
Connect-MsolService
Let’s first check the existing user for which we will push the registration.
$u=Get-MsolUser -UserPrincipalName “UserPrincipalName of user”
$u.StrongAuthenticationMethods
Now let’s push the re-registration of MFA.
$p=@()
Set-MsolUser -UserPrincipalName “UserPrincipalName of user”-StrongAuthenticationMethods $p
Now if you again run the commands below, Strong authentication methods will come as blank.
$u=Get-MsolUser -UserPrincipalName “UserPrincipalName of user”
$u.StrongAuthenticationMethods
Now let’s launch
https://aka.ms/mfasetup
you will get prompt re-register
Thanks for reading…
Tech Wizard
Tech Wizard 