Office 365 Connection Script with Modern Auth - Supports MFA (Multi-Factor Auth)

Script with GUI based connection to all Office 365 services that support Modern Auth and MFA - Exchange Online - SharePoint Online - Skype for Business Online - Azure AD v1 - Azure AD v2 - Azure Resource Manager - Azure Rights Manager - Security and Compliance Center

4.8 Star
19,105 times
Add to favorites
Office 365
E-mail Twitter Digg Facebook
Sign in to ask a question

  • Excited to find this but does not work for me
    1 Posts | Last post November 22, 2017
      Thanks for putting this together!
      The script loads and displays the gui, but when I click one of the options to connect, I receive a "Sorry, we're having trouble signing you in.   We received a bad request" (tried from two machines)  
      I am guessing something changed on the Microsoft side as others had success with the script?
  • Received a bad Request.
    2 Posts | Last post November 10, 2017
    • When I try to login to Exchange Online with a MFA enabled account, the pop-up that appears says "Sorry, but we're having trouble signing you in. We received a bad request."
      At the bottom
      Additional technical information: 
      Correlation ID: c51d1fe9-d102-495e-8101-c3bd18934a28 
      Timestamp: 2017-11-10 22:04:10Z 
      AADSTS90013: Invalid input received from the user. 
      Some of the other connections do prompt for credentials properly and work (Azure AD v2 for example).
    • I set my UPN incorrectly. Solved. Sorry!
  • Hangs?
    7 Posts | Last post October 31, 2017
    • Terry,
      After I complete signing in and the EXOP session is done downloading commandlets, my session hangs at "Completed running the script to Connect to Exchange Online - Run the cmdlet - Get-Mailbox - to test connection"
      Any idea why?
    • Yes.
      You need to click OK to finalise the connection and close the connection GUI.
      All mentioned in the support link.
      This allows you to connect to multiple services before closing the GUI. 
    • Hi Terry!
      I have a same problem, but when I click ok button, Gui and Ps window was closed.
      Do you have a idea why i have this?
      Than you.
    • Dragi,
      Can you please provide a bit more information to what exactly happens.
      Also, confirm you are using version 2.5
      Version 2.5 was updated to keep the GUI open until you click OK. This allows you to connect to multiple services without starting the original script again.
      Also, once you click OK, the GUI closes and PowerShell connection finalises and you can run your associated scripts.
      Plus - Do NOT use PowerShell ISE with this script as the EXO component freezes in ISE.
    • Hi Terry!
      Yes i use 2.5 version. I don't use ISE. Everythng work fine, until i click ok. Not only gui window was closed, powersehll window was closed to. I haven't got any ps window where can i writie commands.
    • I have never received an error like that and no-one has mentioned it.
      Make sure you follow my support links and have installed all the pre-requisites.
      Also -
      Does it happen on ALL the Office 365 services, or just a single one?
      Does it happen on multiple computers (make sure you prepare the workstation by installing the pre-requisites) ?
    • Dragi,
      Forgive me if this is an obvious question, but the OCD in my has to ask...
      Are you by chance launching the script from outside a PS environment (by double clicking for example)?  You need to launch the PS console first, then execute the script inside that window.  Otherwise it will only open the PS console long enough to execute the script.
      I made it easier for myself to run the script by putting the script in C:\Windows\System32\WindowsPowerShell\v1.0 so it was part of the default path.
      So I just open a PowerShell window and type "Connect-O365-MFA.ps1" to trigger the connection window.
  • Generic version?
    2 Posts | Last post October 21, 2017
    • Is it possible to get a generic version of this script?
      I work for an MSP so I'm constantly having to connect to different Office 365 tenants but this requires that you edit the script and define a specific one.
    • By memory, the only time the the $Tenant variable is used is for the SharePoint URL.
      You could simply put a hash symbol - # - at the front of the two variable lines 
      This would then comment those lines out and not run them as part of the script.
      As this is for Modern Auth, the majority of services will make you prompt for the UPN anyway.
  • Adding Complaince Center - Solution
    4 Posts | Last post October 02, 2017
    • Thanks to Vasil Michev for solving this in the community thread:
      "It uses the same module and the same cmdlet, just differnt parameters. Simply open the CreateExoPSSession.ps1 from the install dir, and you will see it."
      That leads to something like the following to get the Compliance Center commandlets:
      Import-Module $((Get-ChildItem -Path $($env:LOCALAPPDATA+"\Apps\2.0\") -Filter Microsoft.Exchange.Management.ExoPowershellModule.dll -Recurse ).FullName|?{$_ -notmatch "_none_"}|select -First 1)
      $MFCCPSSession = New-ExoPSSession -ConnectionUri ''
      import-pssession $MFCCPSSession
      I look forward to your next script verion that includes this!
    • Terry, 
      I tried to contribute to this code gallery entry, but it ended up creating a new one.
      If you want to incorporate what you want, I'll take mine down so there isn't a fork.
    • Awesome !!!
      Will look at it over the weekend.
    • Thanks Bozford.
      I have updated the script to include the Security and Compliance Center. Thanks for the heads-up on that update !!!
      Also, thanks for your tips on stopping the auto-close on the form. I have documented that for future reference. I found the setting to change inside SAPIEN.
      And of course you are given credit inside my script  - :)
      Thanks for the help. 
      It is great when everyone works together in the community.
  • Add security and compliance center?
    3 Posts | Last post September 06, 2017
    • Great script, but I am missing the button to connect to the security and compliance center (
      Maybe it's a good idea to add that one too?
    • Unfortunately the Security and Compliance Center doesn't support PowerShell connections with MFA as of 31 July 2017. Currently, if you want to manage the SCC via PowerShell, you can only connect with accounts that are not MFA enabled. You can however manage the SCC via the SCC Portal with an MFA enabled account.
      You can voice your support for inclusion here -
    • Hi Terry!
      Support for the Security and Compliance Center was added August 17 using the Connect-IPPSSession commandlet (WOOHOO!!!), but I can't for the life of me figure out how to import the commandlet like you do with the new-EXOPSSession.
      This is the last remaining piece I believe!  Now admins should be able to administer O365 like the first class paranoid citizens we should be!
      P.S. Great solution.  You are the king.  Thank goodness for people like you.
  • Awsome script
    2 Posts | Last post August 31, 2017
    • Do you have the possibilities to add fonctions like "Connect to On-Premises Exchange" or "connect to On-Premises Skype-4B". And maybe add the possibilities to install all the requierments like Azure AD PowerShell and the others. I was using this with another script publish by Mike O'Neill "O365_Installs_Connections.ps1". Well thanks a lot for sharing this.
    • Thanks for the feedback Jonathan.
      I have a Hybrid / Exchange Online Connection script - 
      Which connects to Local Exchange and all Office 365 services without MFA. 
      I created a dedicated MFA connection script due to the inability to re-use the credentials multiple time like the non-MFA connection scripts.
      I have never really dealt much with SfB so I don't have any connection script for that as yet.
      In regards to requirements, it is critical to look at the support section at the top of my scripts as that will have links to my blog for articles on how to build your PC to include all the pre-requisites.
      Check out this link -
      Look at the top section for Configure your Administration PC or Server.
  • Just a great script!
    2 Posts | Last post August 31, 2017
    • Thanks so much for posting this. We've just enabled MFA for all users and this is a godsend!
    • Thanks for the feedback. 
      Keep your eye out for a Office 365 daily admin pack coming soon. I am currently working on a bunch of daily admin tasks to bundle together.
      You can also follow me on LinkedIn -
  • Unable to connect to EXO
    2 Posts | Last post August 14, 2017
    • Great script!  I tried it the first time and it failed.  Here is the output:
      Import-Module : Cannot bind argument to parameter 'Name' because it is null.
      At C:\Connect Online Services\Connect-O365-MFA-v2-0-Signed.ps1:95 char:17
      + ... port-Module $((Get-ChildItem -Path $($env:LOCALAPPDATA + "\Apps\2.0\" ...
      +                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidData: (:) [Import-Module], ParameterBindingValidationException
          + FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.ImportModul
      New-ExoPSSession : The term 'New-ExoPSSession' is not recognized as the name of a cmdlet, function, script file, or
      operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try
      At C:\Connect Online Services\Connect-O365-MFA-v2-0-Signed.ps1:96 char:17
      +         $EXOSession = New-ExoPSSession -UserPrincipalName $UPN
      +                       ~~~~~~~~~~~~~~~~
          + CategoryInfo          : ObjectNotFound: (New-ExoPSSession:String) [], CommandNotFoundException
          + FullyQualifiedErrorId : CommandNotFoundException
      Import-PSSession : Cannot validate argument on parameter 'Session'. The argument is null. Provide a valid value for
      the argument, and then try running the command again.
      At C:\Connect Online Services\Connect-O365-MFA-v2-0-Signed.ps1:97 char:20
      +         Import-PSSession $EXOSession -AllowClobber
      +                          ~~~~~~~~~~~
          + CategoryInfo          : InvalidData: (:) [Import-PSSession], ParameterBindingValidationException
          + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.ImportPSSessionCommand
      I ready the script, and searched in the LocalAppData but did not find the Microsoft.Exchange.Management.ExoPowershellModule.dll.
      Am I missing somthing?
    • Nevermind!  I found the missing .DLL.  Here's the fix:
  • Awesome!
    2 Posts | Last post May 16, 2017
    • I don't have a question, just wanted to comment and say thank you for making this!  It actually helped my troubleshoot a MFA issue I was having and all is well now.  I'll be sure to have my co-workers use this as well.
    • Thanks Chris. Happy to share my script and make your team's work that little bit easier.
21 - 30 of 31 Items