machv · October 20, 2021 14:50
diff --git a/Export-AuthenticationMethodsReport.ps1 b/Export-AuthenticationMethodsReport.ps1
 $configFilePath = "$($env:USERPROFILE)\aad.cnf"
 $data = Get-Content $configFilePath
 $config = [System.Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($data)) | ConvertFrom-Json

 $token = Invoke-ClientCredentialsFlow -Tenant $config.TenantId -ClientId $config.ClientId -ClientSecret $config.ClientSecret
 $headers = @{
    "Authorization" = "Bearer $($token.AccessToken)"
 }

 # Get AAD Users.
 $results = Invoke-RestMethod -Headers $headers -Uri  "https://graph.microsoft.com/v1.0/users?`$top=999" -Method Get
 $aadUsers = $results.value
            
 if ($results.'@odata.nextLink') {
    $aadUsers += $results.value
    do {
        $results = Invoke-RestMethod -Headers $headers -Uri  $results.'@odata.nextLink' -Method Get
        $aadUsers += $results.value
    } while ($results.'@odata.nextLink')
 }

 $user = $aadUsers | Select -First 1
 foreach ($user in $aadUsers) {
    $upn = [System.Web.HTTPUtility]::UrlEncode($user.userPrincipalName)
    $authMethods = Invoke-RestMethod -Headers $headers -Uri "https://graph.microsoft.com/beta/users/$($upn)/authentication/methods" -Method Get
    
    if ($authMethods.value.count -gt 0) {
        $user | Add-Member -Type NoteProperty -Name "authMethods" -Value @($authMethods.value).'@odata.type'.replace("#microsoft.graph.", "")
        $authDetails = $authMethods.value
        $methods = @()
        foreach ($authMethod in $authDetails) {
            $methodName = $authMethod.'@odata.type'.replace("#microsoft.graph.", "")
            $authMethod.'@odata.type' = $methodName
            $methods += $methodName
        } 
        $user | Add-Member -Type NoteProperty -Name "authMethodsDetail" -Value @($authDetails)
        $user | Add-Member -Type NoteProperty -Name "authMethodsCount" -Value $authMethods.value.count
        $user | Add-Member -Type NoteProperty -Name "authMethodsList" -Value ($methods -join ",")
    }
 }

 $aadUsers | Export-Csv -Path "mfa-report.csv" -NoTypeInformation -Encoding UTF8
	$configFilePath = "$($env:USERPROFILE)\aad.cnf"
	$data = Get-Content $configFilePath
	$config = [System.Text.Encoding]::Unicode.GetString([Convert]::FromBase64String($data)) \| ConvertFrom-Json

	$token = Invoke-ClientCredentialsFlow -Tenant $config.TenantId -ClientId $config.ClientId -ClientSecret $config.ClientSecret
	$headers = @{
	"Authorization" = "Bearer $($token.AccessToken)"
	}

	# Get AAD Users.
	$results = Invoke-RestMethod -Headers $headers -Uri "https://graph.microsoft.com/v1.0/users?`$top=999" -Method Get
	$aadUsers = $results.value

	if ($results.'@odata.nextLink') {
	$aadUsers += $results.value
	do {
	$results = Invoke-RestMethod -Headers $headers -Uri $results.'@odata.nextLink' -Method Get
	$aadUsers += $results.value
	} while ($results.'@odata.nextLink')
	}

	$user = $aadUsers \| Select -First 1
	foreach ($user in $aadUsers) {
	$upn = [System.Web.HTTPUtility]::UrlEncode($user.userPrincipalName)
	$authMethods = Invoke-RestMethod -Headers $headers -Uri "https://graph.microsoft.com/beta/users/$($upn)/authentication/methods" -Method Get

	if ($authMethods.value.count -gt 0) {
	$user \| Add-Member -Type NoteProperty -Name "authMethods" -Value @($authMethods.value).'@odata.type'.replace("#microsoft.graph.", "")
	$authDetails = $authMethods.value
	$methods = @()
	foreach ($authMethod in $authDetails) {
	$methodName = $authMethod.'@odata.type'.replace("#microsoft.graph.", "")
	$authMethod.'@odata.type' = $methodName
	$methods += $methodName
	}
	$user \| Add-Member -Type NoteProperty -Name "authMethodsDetail" -Value @($authDetails)
	$user \| Add-Member -Type NoteProperty -Name "authMethodsCount" -Value $authMethods.value.count
	$user \| Add-Member -Type NoteProperty -Name "authMethodsList" -Value ($methods -join ",")
	}
	}

	$aadUsers \| Export-Csv -Path "mfa-report.csv" -NoTypeInformation -Encoding UTF8