Multi-factor authentication for Exchange Online PowerShell

Everything at the Microsoft MVP Summit is automatically under NDA, so rather than talk about all the secret stuff, I thought I’d share something I learned there that isn’t under NDA because it was already public. Somehow I missed this announcement before, but: there’s a public preview of a new Exchange Online PowerShell module that supports Azure multi-factor authentication (MFA). If you have turned on MFA for administrators in Office 365, you’ve probably found that they can’t use PowerShell to manage Exchange objects. Now you can: download and install this module and you’re all set. Here’s what it looks like in action:


I found out about this when I complained publicly in Tim Heeney‘s session that this doesn’t work. Thankfully Tim set me straight posthaste; after I got the link to the preview, a little searching turned up fellow MVP Vasil Michev’s article describing it, which I either forgot about or never saw.


Filed under Office 365, UC&C

7 responses to “Multi-factor authentication for Exchange Online PowerShell

  1. Kurt Bertelsen

    This isn’t very helpful with out some description of what to do and what is available. the link is just a file download with no instructions.

    • robichaux

      Fair point. If you download and install that file, you’ll get a new desktop shortcut that loads a version of EMS that supports MFA. There aren’t really any other instructions I can give you. Download it, open it, and use Connect-EXOPSSession.

  2. George

    Is there anyway to integrate this into the ISE?

    • robichaux

      Not that I know of. I am hoping that we’ll eventually get a drop of the shell that has MFA built in, in which case there won’t be any separate integration requirement.

  3. Ravi

    Do we know the possible switches for the connect-exoPSsession? For example how do we use delegated admin and specify the delegated organisation?

    Previously it could be specified in the url as follows:

    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

    • Microsoft has published a specific Exchange Online module that integrates Modern Authentication. I can’t find the link right now, so you may have to call them to get your hands on it.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.