Exchange Online PowerShell with Multifactor (updated)

PowerShell is great.

MFA is great (and secure).

Exchange Online is great.

We all know that. So everybody could think combining these 3 great factors will be a very great experience when you start an Exchange Online remote session with an MFA-secured account? Haha. This is the most annoying connection in PowerShell. Microsoft what did you smoke when you programmed that?

You want to know what I talk about? Then read this article carefully:

Connect to Exchange Online PowerShell using multi-factor authentication

Let me summarize the article.. You have to:

  • open a web browser
  • sign in to the O365 admin center using your MFA secured account
  • (or directly to Exchange Online if you know the URL)
  • go to the “hybrid” configuration
  • download an AddIn
  • Install it
  • use it in PowerShell

Yeah. During the last weeks I often had the problem that the addin cannot be loaded with this error (no matter which browser I use: IE, Edge, FF; Chrome, Opera):

ExchO2

The error talks about browser and application security zones. I will continue investigating this but for now I am still looking for the solution.

So there must be another (easier?) way. I found out 2 ways which I want to explain to you:

Option 1: Manually loading the Exchange Online MFA module from the Assembly Cache

Everything downloaded must be saved somewhere temporarily. Following the instructions on this site and some tests figured out that it works well:

http://blog.zomputer.hu/content/exchange-online-powershell-toebbfaktoros-azonositassal-mfa

The only thing you have to do in advance is to download this module one time on your computer. With other words: follow the instructions from MS I’ve mentioned above. Or get the DLL maybe from another computer.

Option 2: Find a good module with PowershellGet

You can find more information about PowershellGet here:

Install PowerShellGet on your computer

Make PowershellGet a trusted repository

Now you can find the available modules by using this command:

Find-Module *Exchange* | Select Name,Description | Format-Table -Wrap

The module “ExchangOnlineShell” supports MFA. So give it a try:

Install-Module ExchangeOnlineShell

Get-Command -Module ExchangeOnlineShell

The first command is for the installation, the second one to see the implemented commands. You see a command named “Connect-EOShell”. Issuing it opens the typical MFA prompt:

Connect-EOShell

ExchO1.png

For those of you that don’t like “download and run” unknown software because of security reasons: The module is installed to the path “C:\Program Files\WindowsPowerShell\Modules\ExchangeOnlineShell\2.0.2”. Here you can have a look at the script which are executed by the command. And as you can see, the script delivered script is containing the necessary DLL for the Exchange Online session 🙂

Option 3 (the one you should prefer): Use ExoV2

ExoV2 is the newest PowerShell module for connecting to Exchange Online and available via PSGallery. You can easily install it:

Install-Module ExchangeOnlineManagement

… more about ExoV2 coming soon in another separete post.

Published by Andreas

Founder of M365 Evangelists Cloud-Architect, Strategy Consultant, Consultant for Microsoft technologies, Graph API enthusiast, PowerShell enthusiast
%d bloggers like this: