MFA (Multi-Factor Authentication) using PowerShell in SharePoint Online

Authentication is one of the most important factors in a cloud environment today. Many organizations use SharePoint Online as their content management system, so it is essential that sensitive information does not fall into the wrong hands. Multi-Factor Authentication for Office 365 is therefore especially important. Multi-factor authentication is a two-step process: in addition to entering a password, users are expected to acknowledge a phone call or text message to complete the verification process. You can enable Multi-Factor Authentication for a user by following these steps.

* Navigate to the Admin Portal at https://admin.microsoft.com/Adminportal

* Select the Active Users tab.

* Select a user; a new window opens.

* Click the Manage multi-factor authentication link under More settings.

* Check the user account for which you want to enable MFA and select the Enable option.

Alternatively, open the admin center with the user for which you want to enable MFA and navigate to https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx

As the figure above shows, multi-factor authentication has been successfully enabled for the user “test”.

In this post, we will see how to work with MFA using PowerShell. Normally, we provide user name and password credentials in the PowerShell script to retrieve the client context object. If we use the same procedure with an MFA-enabled user account, executing the client context fails with ‘Exception calling "ExecuteQuery" with "0" argument(s): "The sign-in name or password does not match one in the Microsoft account system."’ For MFA we instead use $authManager.GetWebLoginClientContext to retrieve the context. Executing this line opens the authentication window, asks for login credentials, and requires the call or text message to be acknowledged before the script is authenticated.

Note: Make sure you have installed the latest version of SharePointPnPPowerShellOnline.msi on your system and added the latest versions of all the DLLs. You can download the OfficeDevPnP.Core.dll and Microsoft.IdentityModel.Clients.ActiveDirectory.dll packages from these links.

https://www.nuget.org/packages/SharePointPnPCoreOnline/2.26.1805.1

https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/2.29.0

Download the packages, rename them (add a .zip extension), and save them. Extract them to use the DLLs in scripts.
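Because these DLLs are extracted by hand and then loaded into a session that will hold an authenticated SharePoint context, it is worth checking them against hashes you recorded yourself before calling LoadFrom. The following is an added example, not part of the original post: Test-PinnedFile, Import-PinnedAssembly and the $Pinned table are hypothetical names, and the hash values are placeholders to replace with your own.

```powershell
# Added example, not from the original post. Function names are hypothetical.
# The hashes are placeholders: record real values with Get-FileHash after review.
$DllDir = 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI'
$Pinned = @{
    'OfficeDevPnP.Core.dll'                               = '<SHA256-PLACEHOLDER>'
    'Microsoft.IdentityModel.Clients.ActiveDirectory.dll' = '<SHA256-PLACEHOLDER>'
}

function Test-PinnedFile {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $ExpectedSha256
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) { return $false }
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    # -eq on strings is case-insensitive, so the hex case does not matter.
    return ($actual -eq $ExpectedSha256)
}

function Import-PinnedAssembly {
    param(
        [Parameter(Mandatory)] [string] $Directory,
        [Parameter(Mandatory)] [hashtable] $Hashes
    )
    foreach ($name in $Hashes.Keys) {
        $path = Join-Path $Directory $name
        if (-not (Test-PinnedFile -Path $path -ExpectedSha256 $Hashes[$name])) {
            throw "Refusing to load ${name}: file missing or SHA-256 differs from the pinned value."
        }
        # Informational only: a DLL taken from a NuGet package may be unsigned.
        $sig = Get-AuthenticodeSignature -FilePath $path
        Write-Host "$name hash OK, Authenticode status: $($sig.Status)"
        [void][System.Reflection.Assembly]::LoadFrom($path)
    }
}

# Constructed self-check of Test-PinnedFile: hash a temp file, append one
# byte, and test against the recorded hash before and after.
$tmp = (New-TemporaryFile).FullName
Set-Content -LiteralPath $tmp -Value 'constructed sample' -NoNewline
$recorded = (Get-FileHash -LiteralPath $tmp -Algorithm SHA256).Hash
$before = Test-PinnedFile -Path $tmp -ExpectedSha256 $recorded
Add-Content -LiteralPath $tmp -Value 'x' -NoNewline
$after = Test-PinnedFile -Path $tmp -ExpectedSha256 $recorded
Remove-Item -LiteralPath $tmp
Write-Host "Unmodified file accepted: $before; modified file accepted: $after"

# With real hashes pinned, load the DLLs before creating AuthenticationManager:
# Import-PinnedAssembly -Directory $DllDir -Hashes $Pinned
```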

In this post, we are going to create a custom list using MFA.

The code for this is shown below.

try
{
    # Target site and the title of the list to create
    $SiteURL = "http://portal/sites/site1"
    $ListTitle = "NewList"

    # Load the CSOM, ADAL and PnP Core assemblies ([void] suppresses the assembly info output)
    [void][System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.dll")
    [void][System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.SharePoint.Client.Runtime.dll")
    [void][System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\Microsoft.IdentityModel.Clients.ActiveDirectory.dll")
    [void][System.Reflection.Assembly]::LoadFrom("C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\ISAPI\OfficeDevPnP.Core.dll")

    # Opens the authentication window and asks for login credentials and the verification step
    $authManager = New-Object OfficeDevPnP.Core.AuthenticationManager
    $Context = $authManager.GetWebLoginClientContext($SiteURL)

    # Retrieve lists
    $Lists = $Context.Web.Lists
    $Context.Load($Lists)
    $Context.ExecuteQuery()

    # Create a list with the "custom" list template (template type 100)
    $ListInfo = New-Object Microsoft.SharePoint.Client.ListCreationInformation
    $ListInfo.Title = $ListTitle
    $ListInfo.TemplateType = 100
    $List = $Context.Web.Lists.Add($ListInfo)
    $List.Description = "new list description"
    $List.Update()
    $Context.ExecuteQuery()
}
catch
{
    # $_ is the error that triggered this catch block
    Write-Host -ForegroundColor Red "Error: $($_.Exception.Message)"

    # Keep the message on screen before the window closes
    Start-Sleep -Seconds 10
}

After the code executes, the custom list is created successfully in the SharePoint site.

This solution is brought to you by our SharePoint professionals.

Softree Technology employs SharePoint consultants; we are a technology services provider with the aim to help companies achieve exceptional performance through SharePoint. Our dedicated team of SharePoint consultants has the right bent of mind to understand and execute customer requirements.

Be it SPFx or SharePoint add-in developments, SharePoint 2019 developments, web part developments, migrating from SharePoint 2010/2013 to SharePoint 2013/2016/Office 365, Office 365, SharePoint hosted apps development or something else in SharePoint, we strive to deliver the best
