Public/AzureMFA/Set-MfaState.ps1

function Set-MfaState {

  <#
  .SYNOPSIS
  Convert MFA users to Azure MFA Conditional Access users
 
  .DESCRIPTION
  Convert MFA users to Azure MFA Conditional Access users
 
  .PARAMETER UserPrincipalName
  Enter UserPrincipalName
 
  .PARAMETER State
  Enter State
 
  .EXAMPLE
  Set-MfaState -UserPrincipalName <user@domain.com> -State Disabled
 
  .EXAMPLE
  Get-MsolUser -All | Set-MfaState -State Disabled
 
  .NOTES
  General notes
  #>


  [CmdletBinding()]
  param(
    [Parameter(ValueFromPipelineByPropertyName = $True)]
    $ObjectId,
    [Parameter(ValueFromPipelineByPropertyName = $True)]
    $UserPrincipalName,
    [ValidateSet("Disabled", "Enabled", "Enforced")]
    $State
  )

  Process {
    Write-Verbose ("Setting MFA state for user '{0}' to '{1}'." -f $ObjectId, $State)
    $Requirements = @()
    if ($State -ne "Disabled") {
      $Requirement =
      [Microsoft.Online.Administration.StrongAuthenticationRequirement]::new()
      $Requirement.RelyingParty = "*"
      $Requirement.State = $State
      $Requirements += $Requirement
    }

    Set-MsolUser -ObjectId $ObjectId -UserPrincipalName $UserPrincipalName `
      -StrongAuthenticationRequirements $Requirements
  }
}