Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# Username to connect to MFA Web Service SDK Server with
$UserName = "domain\user"
# Password for the account above
$Password = 'P@$$w0rd1!' | ConvertTo-SecureString -AsPlainText -Force
$Creds = New-Object System.Management.Automation.PSCredential -ArgumentList $UserName, $Password
# Create a WS Proxy to the SOAP Azure MFA WebService SDK Endpoint
$proxy = New-WebServiceProxy -Uri https://www.domain.com.au/MultiFactorAuthWebServiceSdk/PfWsSdk.asmx?WSDL -Credential $Creds
# Get Namespace for Objects
$ns = $proxy.GetType().Namespace
[string]$UserNameFilter="*"
[bool]$UsernameCaseSensitive=$false
[string]$firstNameFilter="*"
[bool]$firstNameCaseSensitive=$false
[string]$lastNameFilter="*"
[bool]$lastNameCaseSensitive=$false
[string]$emailFilter="*"
[bool]$emailCaseSensitive=$false
[string]$userGroupFilter="*"
[bool]$userGroupCaseSensitive=$false
[string]$phoneFilter="*"
$modeFilter = New-Object ($ns + ".Mode3")
[bool]$modeSpecified1=$false
$pinModeFilter = New-Object ($ns + ".PinMode2")
[bool]$pinModeSpecified1=$false
$smsDirectionFilter = New-Object ($ns + ".SmsDirection")
[bool]$smsDirectionSpecified1=$false
$smsModeFilter = New-Object ($ns + ".SmsMode")
[bool]$smsModeSpecified1=$false
$phoneAppModeFilter = New-Object ($ns + ".PhoneAppMode")
[bool]$phoneAppModeSpecified1=$false
$tagMatchType = New-Object ($ns + ".TagMatchType")
[string[]]$tagIds=""
[bool]$enabledFilter=$false
[bool]$enabledSpecified1=$false
$resultsComplete = $null
$userResults = New-Object ($ns + ".UserRow")
$callResult = New-Object ($ns + ".CallResult")
$errorcode = New-Object ($ns + ".Error")
# Find all users (wildcard '*')
$result = $proxy.FindUsers_4('*',[bool]$usernameCaseSensitive, [string]$firstNameFilter, [bool]$firstNameCaseSensitive, [string]$lastNameFilter, [bool]$lastNameCaseSensitive, [string]$emailFilter, [bool]$emailCaseSensitive, [string]$userGroupFilter, [bool]$userGroupCaseSensitive, [string]$phoneFilter, ([object]$modeFilter), [bool]$modeSpecified1, ([object]$pinModeFilter), [bool]$pinModeSpecified1, ([object]$smsDirectionFilter), [bool]$smsDirectionSpecified1, [object]$smsModeFilter, [bool]$smsModeSpecified1, ([object]$phoneAppModeFilter), [bool]$phoneAppModeSpecified1, ([object]$tagMatchType),[string[]]$tagIds,[bool]$enabledFilter, [bool]$enabledSpecified1, [int32]$resultLimit, ([ref] $userResults), ([ref] $resultsComplete), ([ref]$errorcode))
# Find all users with name starting with darren*
$result = $proxy.FindUsers_4('darren*',[bool]$usernameCaseSensitive, [string]$firstNameFilter, [bool]$firstNameCaseSensitive, [string]$lastNameFilter, [bool]$lastNameCaseSensitive, [string]$emailFilter, [bool]$emailCaseSensitive, [string]$userGroupFilter, [bool]$userGroupCaseSensitive, [string]$phoneFilter, ([object]$modeFilter), [bool]$modeSpecified1, ([object]$pinModeFilter), [bool]$pinModeSpecified1, ([object]$smsDirectionFilter), [bool]$smsDirectionSpecified1, [object]$smsModeFilter, [bool]$smsModeSpecified1, ([object]$phoneAppModeFilter), [bool]$phoneAppModeSpecified1, ([object]$tagMatchType),[string[]]$tagIds,[bool]$enabledFilter, [bool]$enabledSpecified1, [int32]$resultLimit, ([ref] $userResults), ([ref] $resultsComplete), ([ref]$errorcode))
$userResults.count
$userResults | out-gridview
# Store the found MFA Users Username
$mfauser = $userResults.username
# Get their phone number as stored in the MFA Server
$userphone = New-Object ($ns + ".Userphone")
$result = $proxy.GetPhone([string]$mfauser,[ref]$userphone, [ref]$errorcode)
$userphone
# What are the users MFA Settings
$userMFASettings = New-Object ($ns + ".UserSettings2")
$result = $proxy.GetUserSettings_2([string]$mfauser,[ref]$userMFASettings, [ref]$errorcode)
$userMFASettings
# GET MFA DEVICES
$userDevices = New-Object ($ns + ".UserDevice")
$result = $proxy.GetUserDevices([string]$mfauser,([ref] $userDevices), [ref]$errorcode)
$userDevices.value
# MAKE A 2FA OTP Phone Call
$AuthenticationType = New-Object ($ns + ".AuthenticationType")
$callResult = New-Object ($ns + ".CallResult")
$authenticationRequestId = $null
[bool] $requireUserMatch = $true
$initiatingAuthenticationType ="pfsdk"
$result = $proxy.PfAuthUser_4([string]$mfauser,[object] $initiatingAuthenticationType, [string] "192.168.20.6", [string] "Test Script", [bool] $requireUserMatch, [ref] $callResult, [ref] $authenticationRequestId, [ref]$errorcode)
Write-Host "MFA Call Result Code: " $callResult.Code
Write-Host "MFA Call Result Description: " $callResult.Description
Write-Host "MFA AuthN Request ID: " $authenticationRequestId
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.