Updated 5 years ago

Connect to Exchange Online PowerShell without Basic Authentication

by Kathy Cooper

5 min read

No Comments

Most admins rely on PowerShell to manage and audit their Office 365 organization. As an admin, you might have heard about Microsoft deprecating Basic Authentication in Exchange Online by Oct 2022 (postponed from Oct 13, 2020).

So, how will you easily connect to Exchange Online PowerShell without Basic Authentication? It’s SIMPLE!! By using Modern Authentication. Now I can hear your query: How can I quickly connect to Exchange Online PowerShell with Modern Authentication? Don’t worry! I have a solution. You’re gonna love me forever for what I’m about to share with you!

  1. Have you ever wanted to use the single cmdlet to connect Exchange Online with both MFA and non-MFA account?
  2. Are you trying to find an alternative method to connect Exchange Online PowerShell Without Basic Authentication?
  3. Have you ever wanted to install Exchange Online PowerShell module from PowerShell Gallery?
  4. Whether your script takes hours to complete? Or data retrieval interrupted due to session expiry/disconnect?

All your question has single answer: Use the Exchange Online PowerShell V3 Module

Advantage of using Exchange Online PowerShell V3 Module:

  • EXO V3 module uses Modern Authentication. i.e, you can connect to Exchange Online PowerShell with Modern Authentication.
  • You can download EXO V3 module easily from PowerShell gallery.
  • Single cmdlet ‘Connect-ExchangeOnline’ let you connect to Exchange Online PowerShell with MFA and non-MFA account.
  • It doesn’t require WinRM basic authentication to be enabled.
  • Helps to automate EXO PowerShell login with MFA. i.e., unattended scripts.
  • Contains REST API based cmdlets.
  • Provides exclusive cmdlets that are optimized for bulk data retrieval.

Install Exchange Online PowerShell V3 Module:

The Exchange Online PowerShell V3 module enables you to connect Exchange Online PowerShell with Modern Authentication. To install the EXO V3 module, run the following PowerShell script, which will determine if the system already has the V3 module installed. If it is not present, the script will install the EXO V3 module.

Note: To ease your installation and connection to Exchange Online PowerShell, we have documented Connect-ExchangeOnline troubleshooting tips at the bottom.

Connect to Exchange Online PowerShell With Modern Authentication:

Connect-ExchangeOnline cmdlet allows you to connect Exchange Online PowerShell without Basic Authentication. You can use Connect-ExchangeOnline cmdlet for both MFA and non-MFA account to connect Exchange Online PowerShell.

Run below cmdlet to connect Exchange Online PowerShell with/without MFA

It will prompt for username and password. After entering credential, if you don’t receive any error means you successfully connected to Exchange Online. Yes! you have connected to Exchange Online PowerShell without basic authentication!

The successfully connected screen looks similar to the below screenshot.

Connect to Exchange Online without Basic Authentication

To check the connectivity, you can run Get-EXOMailbox cmdlet and see results.

Additional Usecases for Connect-ExchangeOnline:

1.Passing credential in Connect-ExchangeOnline:

If you are using a non-MFA account to connect Exchange Online PowerShell, you can pass the credential in the Connect-ExchangeOnline cmdlet. This can be achieved by running below cmdlets.

2.Passing username in Connect-ExchangeOnline

If you are connecting Exchange Online PowerShell with multi-factor authentication, you can’t pass the credential as it requires verification code. Still, you can pass your username in the Connect-ExchangeOnline cmdlet.

Note: To disconnect Exchange Online PowerShell session, You can use Disconnect-ExchangeOnline which is equivalent of Get-PSSession | Remove-PSSession.

Update EXO V2 Module:

If EXO V2 module is already installed on your computer, you can upgrade using Update-Module cmdlet.

To check the version of currently installed module, run the following commands.

To update the EXO V2 module to latest version that’s available in the PowerShell Gallery.

How to use EXO V3 Module in Unattended Script?

You can create non-interactive scripts to perform Exchange Online management tasks. It requires Azure AD applications, certificates, and Modern authentication. To get more details, you can check our dedicated blog on Unattended access to Exchange Online using MFA account.

ExchangeOnlineManagement: Troubleshooting Tips

1. PowerShellGet version:

In order to install Exchange Online PowerShell V2 module, PowerShellGet version must be 2.0 or later. Else you will have following error message.

WARNING: The specified module 'ExchangeOnlineManagement' with PowerShellGetFormatVersion '2.0' is not supported by the current version of PowerShellGet. Get the latest version of the PowerShellGet module to install this module, 'ExchangeOnlineManagement '.

ExchangeOnlineManagement

Solution: To install or update PowerShellGet latest version, run the below cmdlet.

2. Set execution policy:

Windows PowerShell needs to be configured to run scripts, and by default, it isn’t. In that case, you will get the following error.

Files cannot be loaded because running scripts is disabled on this system. Provide a valid certificate with which to sign the files.

Connect to Exchange Online PowerShell Modern Authentication

Solution: To resolve this error, you need to run the below cmdlet.

3. Connect-ExchangeOnline with MFA enabled account:

When you pass MFA enabled account’s credential using Get-Credential, you will get below error (because Get-Credential cmdlet doesn’t support MFA enabled accounts).

New-ExoPSSession : AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access.

Connect Exchnage Online PowerShell with Modern Authentication

Solution: To Connect-ExchangeOnline with MFA enabled account, run the below cmdlet. It will prompt for credential and verification code.

4. ‘Connect-ExchangeOnline‘ is not recognized as the name of a cmdlet:

In order to run Connect-ExchangeOnline cmdlet, you must install Exchange Online PowerShell V3 module. Else, you will get error during connection.

Connect-ExchangeOnline : The term 'Connect-ExchangeOnline' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Connect-ExchangeOnline : The term ‘Connect-ExchangeOnline‘ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Connect-ExchangeOnline

Solution: Install EXO V3 module.

5.Using EXO V2 module in PowerShell scripts:

If you are using both Connect-ExchangeOnline and Connect-MsolService in your PowerShell script, you might face the below issue.

Get-EXOMailbox: Failed to acquire token silently as no token was found in the cache. Call method AcquireToken.

This issue occurs because of loading Azure MsOnline module after loading the EXO V2 module. I hope this issue will be resolved soon by Microsoft.

ExchangeOnlineManagement

Solution: You can connect to the EXO V2 module after connecting to Connect-MsolService as a workaround.

Connect to Exchange Online PowerShell without Basic Authentication – Conclusion:

The ExchangeOnlineManagement module is a valuable addition to the PowerShell gallery. It helps admins to connect Exchange Online PowerShell (both MFA and non-MFA accounts) with a single cmdlet. Using New-PSSession with Basic Authentication is going to be deprecated soon, you can start using EXO V3 module. Happy scripting!

Share article