runbook-dynamicgroup-mfa

0.3

Azure Runbook - Dynamic Group - MFA State

This script is designed for an Azure Runbook to assign users to two Azure AD groups based on their MFA capability (capable / non-capable).
Before running the runbook, you need to set up an automation account with a managed identity.e).

IMPORTANT: Define the variables for the two necessary groups in the Automation Variables as "dynamicmfa_groupid_capable" and "dynamicmfa_groupid_noncapable", or hardcode them in this script.

The managed identity requires the following Graph Permissions:
  - User.Read.All
  - Group.Read.All
  - Group.ReadWrite.All
  - UserAuthenticationMethod.Read.All

The script requires the following modules:
  - Microsoft.Graph.Authentication
  - Microsoft.Graph.Groups
  - Microsoft.Graph.Identity.SignIns
  - Microsoft.Graph.Users

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Script -Name runbook-dynamicgroup-mfa -RequiredVersion 0.3

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

M365-consultant

Copyright

Package Details

Author(s)

Dominik Gilgen

Dependencies

This script has no dependencies.

FileList

runbook-dynamicgroup-mfa.nuspec
runbook-dynamicgroup-mfa.ps1

Version History

Version	Downloads	Last updated
0.4	508	10/12/2023
0.3 (current version)	7	9/25/2023