Update Export-MsIdAzureMfaReport to include additional admin portals #77
Labels
bug
Something isn't working
Comments
|
Just noticed Entra & Intune portal share the same appID as Azure Portal - in which case, it is just Microsoft 365 Admin Centre we need included. Thank you! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
As documented here: https://azuread.github.io/MSIdentityTools/commands/Export-MsIdAzureMfaReport the Export-MsIdAzureMfaReport command exports instaces of user logins to the Az Portal, Az CLI and Az Powershell to help discovery ahead of the MFA enforcement for access to these portals.
Microsoft have since announced MFA enforcement for other portals such as Entra, Intune and Microsoft 365 Admin Centre, none of which are included in the export using this module.
Could I kindly request the module is updated to include this information, as not all environments have signinlogs available via Azure Monitor (so we cant use KQL to discover) and the Entra portal Signin logs are limited in the ability to combine multiple filters (ie multiple app ID's)
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Report to include all platforms that are covered by the MFA enforcement (Azure Portal, Entra Admin Centre, Intune Admin Centre, Microsoft 365 Admin Centre, Azure CLI, Azure Powershell, Azure Mobile App) as listed here: https://learn.microsoft.com/en-nz/entra/identity/authentication/concept-mandatory-multifactor-authentication
Screenshots
Environment (please complete the following information)
Additional context
The text was updated successfully, but these errors were encountered: