Enable modern authentication for Skype for Business Online


a fantastic read As a Cloud Consultant working with products that are part of the Office 365 and the Microsoft Enterprise Mobility +Security Suite (EMS), I often get a lot of questions about multi-factor authentication (MFA), and how to get started.

citas 12 hombres sin piedad Most customers today has a strategy about MFA when employees are trying to access corporate company data from outside the company perimeter. But when customers are using cloud services like Office 365, OneDrive and SharePoint that boundary moves from a physical boundary to the user identity. Therefore the requirement for multi-factor authentication is something that most customers wants to implement as part of their cloud strategy.

http://peterboroughphotographicsociety.com/primeta/1318 The key to a successful MFA deployment starts by enabling modern authentication. Modern authentication brings Active Directory Authentication Library (ADAL)-based sign in to your Office 365 applications, and without this enabled, end users will have to use “App Passwords”, witch is a true nightmare for any user and it department.

visit this site right here By default Office 365 tenants (Exchange Online, SharePoint Online and Skype for Business Online) will need to be configured to accept a modern authentication connection. I recommend that you enabled for modern authentication both Exchange Online and Skype for Business, if you want to use MFA.

  • Skype for Business Online – OFF by default.
  • Exchange Online – OFF by default.
  • SharePoint Online – ON by default.

site de rencontre gratuit en republique dominicaine  

Enable modern authentication for Skype for Business Online

To enable modern authentication for Skype for Business Online, complete the following steps:

Step 1: Install Skype for Business Online, Windows PowerShell Module:

Step 2: Connect to Skype for Business using PowerShell
rencontre khemisset
$sfboSession = New-CsOnlineSession -UserName user@domain.com
Import-PSSession $sfboSession


Step 3: Verify the current settings (optional)
The expected result: ClientAdalAuthOverride : Disallowed
click for info


Step 4: Enable modern authentication for Skype for Business Online
site here
Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed

Step 5: Verify that the change was successful by running the following:
The expected result: ClientAdalAuthOverride : Allowed


http://nielsborchjensen.com/martys/3642 Important: Please note, that it might take up to 24 hours before modern authentication starts to work. Usually it’s less than one hour, but please be patient when you start testing. It you don’t get the result you expect, watch a movie, drink a cup of coffee and try again.
Thanks to @AlexFilipin for reminding me, to add this note to the article.

I have also posted a sample script on Microsoft TechNet Gallery, where all the commands used in this example can be found: https://gallery.technet.microsoft.com/Enable-modern-authenticatio-d7180f99

That’s it… Enjoy!

+Ronni Pedersen

About Author

My name is Ronni Pedersen and I'm currently working as a Cloud Solution Architect at EG A/S in Denmark. My primary focus is Enterprise Client Management solutions, based on technologies like AzureAD, Intune, EMS and System Center Configuration Manager. I'm is also a Microsoft Certified Trainer and Microsoft MVP in Enterprise Mobility.


  1. If I enable MFA for Skype for Business Online, using the powershell method you described, does that mean that EVERY user will be asked to enter a code from a Microsoft Authenticator APP, even though Two Factor Authentication may not be enabled on EVERY Office 365 User Account? Put another way, I only have 10% of my users enabled for Two Factor Authentication in my Office 365 tennant, and I am concerned that if I enable MFA on ‘Skype for Business Online’ via powershell, that it will prevent skype login for 90% of my users who do not enrol for MFA yet. Thank you.

  2. Pingback: Sysadmin Today #48: Migrating Active Directory, ADFS & MFA

  3. Are there any drawbacks to enabling modern authentication? I can’t imagine that this would affect any other O365 systems, but want to be sure before I enable this in our production tenant.

  4. This article is awesome! I was spinning my wheels for quite some time just using the instructions provided by Microsoft (they really make you work for it).

    Thank you so much!

  5. Hi Ronni

    Modern authentication is on for our users but our android users can’t use their mail and skype for business is there any reason for this case? Do I need to another script?


Leave A Reply