Skip to content

Connecting to Exchange Online with MFA Enabled

Connect to Exchange Online PowerShell with MFA Enabled.

 

If your organization is using MFA for all staff to provide an extra layer of security you might have found that connecting to Exchange Online using Remote PowerShell fails with an error “Access Denied”. For accounts with MFA enabled they cannot use the same method as non MFA enabled accounts to connect to Exchange Online.

MFA requires the you to install the Exchange Online Remote PowerShell Module, and then connect using the Connect-EXOPSSession cmdlet.

Error received:

 

 

 

To get started you need to download and install the Exchange Online PowerShell Module from the Exchange Admin Center.

  • Click on hybrid
  • Then click on configure for the Exchange Online PowerShell Module

 

Note. download the file using IE, if you use any other browser you might experience issue with installing the application.

 

Click on Install once the application download has completed.

Remote Management (WinRM) on your computer needs to allow basic authentication (it’s enabled by default). To verify that basic authentication is enabled, run this command in a Command Prompt:


 

 

 

If WinRM is authentication is not set to basic, run the following to set it to basic.

Next on the computer with the Exchange Online Remote PowerShell Module installed run the following cmdlet to connect to Exchange Online using MFA.

  • <UPN> is your Office 365 work or school account i.e. Shaun.Hardneck@thatlazyadmin.com
  • The <ConnectionUri> and <AzureADUri> values depend on the location of your Office 365 organization as described in the following table:

Then Office 365 tenant being used for this demonstration is not in the locations specified below, so I will continue using the following cmdlet. To connect to Exchange Online.

 

Next you will be prompted to provide the password for the mentioned user.

 

 

 

 

 

 

 

 

 

Once you have provided the password for the user, you will be prompted to provide the security code.

 

 

 

 

 

 

 

 

 

Once the code has been entered and accepted the PowerShell modules will continue and Import in your PSSession.

 

And that is how you can still connect to Exchange Online even with MFA enabled on your user accounts.

 

#ThatLazyAdmin

Sharing is caring!

Published inOffice 365

Be First to Comment

Leave a Reply

Your email address will not be published.