Enable or disable modern authentication in Exchange Online
Modern authentication in Office 365 enables authentication features like multi-factor authentication (MFA) using smart cards, certificate-based authentication (CBA), and third-party SAML identity providers. Modern authentication is based on the Active Directory Authentication Library (ADAL) and OAuth 2.0.
When you enable modern authentication in Exchange Online, Outlook 2016 and Outlook 2013 (version 15.0.4753 or later, with a required registry setting) use modern authentication to log in to Office 365 mailboxes. For more information, see How modern authentication works for Office 2013 and Office 2016.
When you disable modern authentication in Exchange Online, Outlook 2016 and Outlook 2013 use basic authentication to log in to Office 365 mailboxes. They don't use modern authentication.
Notes
-
Modern authentication is enabled by default in Exchange Online, Skype for Business Online and SharePoint Online.
-
Other Outlook clients that are available in Office 365 (for example, Outlook Mobile and Outlook for Mac 2016) always use modern authentication to log in to Office 365 mailboxes.
-
You should synchronize the state of modern authentication in Exchange Online with Skype for Business Online to prevent multiple log in prompts in Skype for Business clients. For instructions, see https://aka.ms/SkypeModernAuth.
Enable or disable modern authentication in Exchange Online
-
Connect to Exchange Online PowerShell as shown here.
-
Do one of these steps:
-
Run this command to enable modern authentication in Exchange Online:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
-
Run this command to disable modern authentication in Exchange Online:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $false
-
-
To verify that the change was successful, run this command:
Get-OrganizationConfig | Format-Table -Auto Name,OAuth*
No comments:
Post a Comment