Modern authentication in Exchange Online enables authentication features like multi-factor authentication (MFA). Modern Authentication is by default enabled in Exchange Online and Outlook 2013 or later supports Modern authentication.
I got this issue from one of my clients that the users are unable to login to Outlook after they enforce Multi-Factor Authentications for the users and as the users were using Office 2016, I haven’t thought of checking the modern authentication and it is already enabled in Outlook 2013 or later. But then it might be the possibility that somehow, they have disabled it. Of course, they were able to login to Outlook mobile as this will always use modern authentications and it doesn’t depend whether you have disabled modern authentication for Exchange Online. There was a workaround to create an App password to login but then why not modern authentication.
So, let’s see how I enabled modern authentication through PowerShell.
- Connect to Exchange Online PowerShell.
- Set-ExecutionPolicy RemoteSigned
- $UserCredential = Get-Credential
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection
- Import-PSSession $Session -DisableNameChecking
2. Run the following command to enable Modern Authentication connection to Exchange Online by Outlook 2013 or later clients.
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
3. Some organizations might have the requirement to disable modern authentication connection to Exchange Online by Outlook 2013 or later clients. Run the following command to disable the same.
Set-OrganizationConfig -OAuth2ClientProfileEnabled $false
4. To verify that the change was successful.
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto
I hope the above steps will be able to resolve the issues whenever the user is unable to login to Outlook client with Multi-Factor Authentication.