Hunting down personal Microsoft accounts using a corporate email address in O365

Recently my company set out to stand up an O365 (Office 365) tenant in full hybrid mode with our on-premises Exchange infrastructure. One of the issues we ran into as we started migrating pilot users was that some of our Exchange integrations didn't handle authentication when the user in question had an existing personal Microsoft account associated with their corporate email address. As an example, users in this state would see something like this when they logged into the O365 portal.

My company uses BlackBerry UEM as our mobile email solution, and any user migrated to Office 365 who was in this state could not use mobile email access via BlackBerry Work, because the client would receive this prompt and not be able to process it. We contacted MS and asked if we could be provided a list of all personal Microsoft accounts that were using a domain owned by my company, but for obvious legal reasons they could not. So the only option left to us was to test every email address in our environment against the Office 365 login page (https://login.microsoftonline.com). After some testing we were able to properly inspect the login process and create a PowerShell script that could present an email address to this page and return not only whether it was associated with a personal account but also the federated gateway it was associated with. Here is a link to the GitHub repository for the PowerShell function in question. We tested it against about 8000 email addresses with no issues, but your mileage may vary.

https://github.com/Iczer1/O365-Scripts/blob/master/Check-PersonalAccount.ps1

About mell9185

IT professional. Tech, video game, anime, and punk aficionado.