Hi All.
Looking for a Powershell script to enable Per-user/legacy MFA for all users inside a office 365/AzureAd Tenant. This seems like a easy script to write and execute but I Cant find any info on it.
Thanks
Isaac,
Welcome to the forum. 
I used your subject, added “PowerShell” to it and searched for it …
This should get you started. 
Hi Olaf. Appreciate the reply but had already spent some time researching this. Searching this results in no substantial info on the topic as Microsoft and the general community lean towards using Azure Security defaults. Don’t worry I spent some time and have written the following PowerShell Script. I was asking in this forum to see if anyone had done the hard work for me, I was just being lazy. Thanks
# Connect to tenant
Connect-MsolService
# Sets the MFA requirement state
function Set-MfaState {
[CmdletBinding()]
param(
[Parameter(ValueFromPipelineByPropertyName=$True)]
$ObjectId,
[Parameter(ValueFromPipelineByPropertyName=$True)]
$UserPrincipalName,
[ValidateSet("Disabled","Enabled","Enforced")]
$State
)
Process {
Write-Verbose ("Setting MFA state for user '{0}' to '{1}'." -f $ObjectId, $State)
$Requirements = @()
if ($State -ne "Disabled") {
$Requirement =
[Microsoft.Online.Administration.StrongAuthenticationRequirement]::new()
$Requirement.RelyingParty = "*"
$Requirement.State = $State
$Requirements += $Requirement
}
Set-MsolUser -ObjectId $ObjectId -UserPrincipalName $UserPrincipalName `
-StrongAuthenticationRequirements $Requirements
}
}
# Enable MFA for all users
Get-MsolUser -All | Set-MfaState -State Enabled
Feel free to use the above to enable per-user/legacy MFA for all user in office 365/Azure AD
Thanks, Isaac
That’s what I thought. And in my opinion there were scripts already available. Without digging too deep into the code … for example the function on this site looks promissing and a kind of similar to yours …
… but thanks for sharing anyway.