dell-democenter

MODULE 2 - MULTI FACTOR AUTHENTICATION USING RSA

Verify RSA SecurID Configuration

Get-PPDMmfa_securids

image

Disable MFA

Get-PPDMmfa_securids | Set-PPDMmfa_securids -is_enabled:$false

At this Point, you cannot re-enable it as you will not have the token to access image

BYPASS MULTIFACTOR AUTHENTICATION

First, we need to get the IdentityProvider having the users we want to disable MFA for. In Our Case it is the local Provider

Get-PPDMidentity_providers -type local

image

Check for any Bypassed (mfa disabled) user Account

Get-PPDMmfa_bypass_accounts

Alt text

From above we can see that user admin is already bypassed. We can Remove the MFA Bypass using:

Get-PPDMmfa_bypass_accounts -filter 'selector eq "local" and subject eq "admin"' |  Remove-PPDMmfa_bypass_accounts

Alt text

To disable MFA (Bypass) for a local user, we need to provide the accountname

Get-PPDMidentity_providers -type local | Set-PPDMmfa_bypass_accounts -accountname admin

Alt text

List the Account bypass for local user admin

Get-PPDMmfa_bypass_accounts -filter 'selector eq "local" and subject eq "admin"'

Alt text

TLDR

TLDR

«Module 1 This Concludes Module 2 Module 3 Lesson 1 »