This is how you both join Azure AD and enroll for MDM. Your admin need to have configured Automatic MDM enrollment into intune over at http://manage.windowsazure.com for this to work.
If you have Outlook 2016 or Outlook 2013 and want to use Azure MFA but you do not want to use Application Passwords there are one thing you need to do.
$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential
$UserCredential -Authentication Basic -AllowRedirection
Get-OrganizationConfig | fl *Oauth*
Click here to see: This is how Outlook Click to Run behaves with Azure MFA turned on
When you click enforce Azure MFA your users will not be able to Connect to Office 365 With Clients that does not support modern auth.
When they set up Outlook they will see this screen and be stuck there:
When you have enabled MFA on your Exchange Online Tenant this is what will happen:
If you enable Azure MFA in Office 365 and try to sync mail using the native Windows 10 Mail client, this is what the user will see:
(Sorry for the Language. Just the buttons and boxes are all the same)
What happens on your Windows Phone when you reset your Azure AD Password?
This happens on Windows Phone 10 Outlook:
Spoiler warning: Nothing happens, YET.
Here is how Outlook 2016 behaves when you activate Azure MFA for your Account.
Once you have set up the Cloud App Discovery feature then the service will send admins a weekly report with new apps and a one-button click to start managing them.
Here is what I used last week:
In Azure AD you have this service called Cloud App Discover. It consist of an agent you install on a local machine and a web service which polls the data and visualizes it.
Take a look at this:
This service is a great way to discover what your employees/users/students/family really uses and how much they use it. e.g. You have bought Google apps, but your users use OneDrive or Box.
I did not know I even used all these services. And best of all you can manage them with Azure AD which means you can use your Office 365 credentials to logon to these services.
Here is how you set up cloud discovery on a local machine:
Remember that if you want to distribute this application you need to include the CERT file as well.