Enable MFA for Exchange Online and Outlook, Skype Online and the Skype client

For the Office 365 services, the default state of modern authentication is:

• Exchange Online - off by default
• Skype Online - off by default 
• SharePoint Online - on by default

This means you have to enable it for Exchange Online and Skype Online after enabling MFA for your users.

Here how:

For Exchange Online:

Connect to Exchange Online PowerShell as shown here.
Do one of these steps:

1. Run this command to enable modern authentication in Exchange Online:
   

   Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

2. Run this command to disable modern authentication in Exchange Online:
   

   Set-OrganizationConfig -OAuth2ClientProfileEnabled $false

3. To verify that the change was successful, run this command:
   

   Get-OrganizationConfig | Format-Table -Auto Name,OAuth*

For Skype Online:

Connect to Skype for Business Online using remote PowerShell: https://aka.ms/SkypePowerShell
Run the following command:

1. Run this command to enable modern authentication in Skype Online:
   

   Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed

2. Verify that the change was successful by running the following:
   

   get-CsOAuthConfiguration | select ClientAdalAuthOverride

The output for both will look like this:

Get-OrganizationConfig | Select OAuth2ClientProfileEnabled

OAuth2ClientProfileEnabled
--------------------------
                     False

Set-OrganizationConfig -OAuth2ClientProfileEnabled $True


Get-OrganizationConfig | Select OAuth2ClientProfileEnabled

OAuth2ClientProfileEnabled
--------------------------
                      True

Get-CsOAuthConfiguration | Select ClientAdalAuthOverride

ClientAdalAuthOverride
----------------------
Disallowed

Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed
Get-CsOAuthConfiguration | Select ClientAdalAuthOverride

ClientAdalAuthOverride
----------------------
Allowed