Script to Disable SMS Sign-In for Federated Users in Microsoft Graph

Last update: 09.26.2024

This script connects to Microsoft Graph for a specified tenant and retrieves all users with a UserType of 'Member.' It filters users who use federated identities for sign-in and disables their SMS sign-in authentication method by targeting the corresponding phone authentication method ID. The script provides progress updates, showing the percentage of users processed, the remaining users, and the time taken for each operation.

Here is the script:

# Sign in to the target tenant with the scopes needed to read users and modify their authentication methods
Connect-MgGraph -TenantId "xxx.onmicrosoft.com" -Scopes "User.Read.All", "UserAuthenticationMethod.ReadWrite.All"

# Retrieve all member users, including their sign-in identities
$allusers = Get-MgUser -Property id,UserPrincipalName,identities,UserType -All -Filter "userType eq 'Member'"
# Keep only users with a federated sign-in identity; @() keeps .Count valid for a single match
$SMSenabled = @($allusers | Where-Object {$_.identities.SignInType -contains 'federated'})
# ID of the mobile phone authentication method
$phoneAuthenticationMethodId = "3179e48a-750b-4051-897c-87b9720928f7"
$i = 0
$SMSenabled | ForEach-Object {
    # Disable SMS sign-in for this user and time the call
    $runtime = Measure-Command {
        Disable-MgUserAuthenticationPhoneMethodSmsSignIn -UserId $_.Id -PhoneAuthenticationMethodId $phoneAuthenticationMethodId
    } | Select-Object -ExpandProperty TotalSeconds
    $i++
    $Completed = ($i/$SMSenabled.Count) * 100
    $remain = $SMSenabled.Count - $i
    Write-Progress -Activity "Removing Phone SignIn" -Status "Progress: $remain users remain, Last Run Time: $runtime" -PercentComplete $Completed
}
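The script above calls the disable cmdlet for every federated user, whether or not SMS sign-in is active on the account. The following pre-check is an added example, not part of the original script: it reports each user's `SmsSignInState` on the mobile phone method so the change can be reviewed first. The function name, the `-PhoneMethodSource` hook, the `noMobileMethod` label and the sample accounts are assumptions made for illustration; the treatment of `ready` as the only state to act on is also an assumption.

```powershell
# Added example, not part of the original script.
# ID of the mobile phone method, as used in the script above.
$mobilePhoneMethodId = '3179e48a-750b-4051-897c-87b9720928f7'

function Get-SmsSignInReport {
    param(
        [Parameter(Mandatory)] [object[]] $User,
        # Hypothetical hook so the logic can be exercised offline;
        # by default it queries Graph for the user's phone methods.
        [scriptblock] $PhoneMethodSource = {
            param($userId)
            Get-MgUserAuthenticationPhoneMethod -UserId $userId -ErrorAction Stop
        }
    )
    foreach ($u in $User) {
        try {
            $mobile = & $PhoneMethodSource $u.Id |
                Where-Object { $_.Id -eq $mobilePhoneMethodId }
            # 'noMobileMethod' is a label of this example, not a Graph value
            $state = if ($mobile) { [string]$mobile.SmsSignInState } else { 'noMobileMethod' }
        } catch {
            $state = "lookupFailed: $($_.Exception.Message)"
        }
        [pscustomobject]@{
            UserPrincipalName = $u.UserPrincipalName
            Id                = $u.Id
            SmsSignInState    = $state
            # Assumption: only 'ready' means SMS sign-in is active and worth disabling
            Action            = if ($state -eq 'ready') { 'Disable' } else { 'Skip' }
        }
    }
}

# Constructed sample data (not real accounts) standing in for Graph responses
$sampleUsers = @(
    [pscustomobject]@{ Id = 'u1'; UserPrincipalName = 'alice@example.com' }
    [pscustomobject]@{ Id = 'u2'; UserPrincipalName = 'bob@example.com' }
    [pscustomobject]@{ Id = 'u3'; UserPrincipalName = 'carol@example.com' }
)
$sampleMethods = @{
    u1 = @([pscustomobject]@{ Id = $mobilePhoneMethodId; SmsSignInState = 'ready' })
    u2 = @([pscustomobject]@{ Id = $mobilePhoneMethodId; SmsSignInState = 'notEnabled' })
    u3 = @()   # no mobile phone method registered
}

$report = Get-SmsSignInReport -User $sampleUsers -PhoneMethodSource { param($id) $sampleMethods[$id] }
$report | Format-Table UserPrincipalName, SmsSignInState, Action
```

Against a live tenant, omit `-PhoneMethodSource` and pass the federated user list; reading phone methods is covered by the `UserAuthenticationMethod.ReadWrite.All` scope the script already requests.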
