Skip to main content

Articles in this section

See more
Print

Text File User Authentication Methods (MFA) Status rule

  • Updated

Text File User Authentication Methods (MFA) Status rule

Rule description

This rule queries the list of users specified in a text file and for each user returns details about their authentication methods.

NOTE: CSV-file should be in UTF-8 format in case of using letters with an accent: á, ä, é, í, ö, ü and etc.

When to use this rule

Use this rule when you need to get the list of authentication methods of users that are specified in the CSV file.

This rule requires a source text file in the comma-separated variable format (CSV). You can use the template CSV files provided with the rule, or create a file in Microsoft Excel and export it as CSV.

To use a template CSV file:

  1. In the Query section, click the [...] button next to the Select Data Source setting.

  2. Open the Templates folder.

  3. Depending on the Account source system, select Enforce Office 365 License (Hybrid) or Enforce Office 365 License (Microsoft 365) CSV file.

  4. Click Open.

The Query's source text file requires the following CSV (comma-separated value) format:

Hybrid users

Copy
UserPrincipalName,DistinguishedName,SamAccountName,ObjectGuid
Joe.Smith@domain.com,"CN=Joe Smith,OU=IT,DC=domain,DC=com",jsmith,dd16cabd-b1a6-4fc4-b5b6-d86d8d8fca9e
Kelly.Jones@domain.com,"CN=Kelly Jones,OU=IT,DC=domain,DC=com",kjones,84da7c1e-69f8-48d9-afae-cc61bbf85be2

Microsoft 365 users

Copy
UserPrincipalName,ObjectGuid
Joe.Smith@domain.com,dd16cabd-b1a6-4fc4-b5b6-d86d8d8fca9e
Kelly.Jones@domain.com,84da7c1e-69f8-48d9-afae-cc61bbf85be2

Rule settings

Query section

Setting name Description

Select data source

Specifies the text file to be imported.

The […] button allows the user to browse for the file and the Create/Edit button allows the creation or editing of the existing file in the built-in Data Source editor.

If you need to enforce licenses to hybrid users, use the Enforce Office 365 License (Hybrid) - Template.csv.

If you need to enforce licenses to Microsoft 365 users, use the Enforce Office 365 License (Microsoft 365) - Template.csv.

Data source anchor attribute

Select a column in the data source that contains the attribute value for identifying and mapping a user like UserPrincipalName.

Account source system

Select the source system of the accounts listed in the CSV file: Hybrid or Microsoft 365.

User anchor attribute

Automap searches for a user using the standard identity attribute DistinduishedName, UserPrincipalName, and ObjectGUID.

Select a custom attribute if your users are identified by a different attribute.

NOTE: Microsoft best practices assume the Active Directory and Microsoft 365/Entra ID UPNs will match. 

More Options

Filter CSV data

This setting specifies the filter that can remove data rows from the imported text file that satisfies the specific condition.

Properties to display

Each object property defined in this setting matches the column that will be displayed in the Web Portal for this web query.

To display additional columns, add the required properties to the Properties to display list.

To add extension attribute 1 that is synchronized from AD, you need to use a value like:

Copy
"OnPremisesExtensionAttributes/extensionAttribute1~Extension Attribute 1"

Filter Office 365 users

To hide unwanted data set the filtering conditions here.

Initialization script

Script

Usually, rules use query criteria to limit the query search scope. It improves the performance of the executed rule.

Due to the PowerShell limitations, it is not possible to use calculated expressions in query criteria. That is the point where the initialization script can help. You can initialize a global variable in this setting and then use it in query criteria.

IMPORTANT: To use a variable, declared in the initialization script, in the query scope, it must be global: $global:<variable name>.

Example: Update AD users, created in the last ten days.

  1. Add this initialization script

    Copy
    {$global:DatePeriod = (Get-Date).AddDays(-10)}

  2. Use the $DatePeriod variable in the query criteria builder:

Output section

This section defines the output format of this rule.

To get more information about this section, please see the Rule Output section article.

Enforce/Schedule section

This section defines the schedule for how often to run the rule.

To get more information about this section, please see the Rule Enforce/Schedule section article.

© Copyright 2013-2026 Cayosoft Inc. All rights reserved.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.