Target
For customers using HENNGE Device Certificate feature in Access Policy and have users using Exchange Online.
Purpose
If HENNGE Device Certificate is required for login Access Policy, we recommend that the Modern Authentication is enabled for Exchange Online.
This article will help you to check the Modern Authentication setting on Microsoft 365 tenant and if necessary, how to enable Modern Authentication.
Cautions
1. This article is written in 2019 July, procedures may have been changed if the services have been updated.
3. Please use the onmicrosoft.com domain user account to perform this procedure.
4. Please inform the users before this change if necessary.
Procedures
1. Access Exchange Online
Access Exchange Online.
Connect to Exchange Online PowerShell
2. Check the current Authentication Status Type
Run the following Powershell command to check the current Authentication Status.
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto
・If Modern Authentication is "Enabled".
・If Modern Authentication is "Disabled".
3. To enable Modern Authentication
Run the following Powershell Command to enable Modern Authentication for Exchange Online.
※ After the command is run until the time the setting is reflected may take some time.
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
※ After this setting, Calendar Authentication Page will change to the HENNGE Login Screen, please do make sure that the users are aware of this announcement.