PowerShell Where-Object query for empty or NULL contents between parentheses

Question

My apologies if my question doesn't quite describe what I'm asking here! I'm not sure how to filter for field contents, or lack off, between braces/parentheses. My top search results return THIS article, which I don't think resolves my issue.

I'm trying to pull all users from MSOnline/AzureAD that have the Multi Factor Authentication option Disabled/not set. This fact is a little trivial, but it sets the context....

I have the below query which returns a test user I know doesn't have the StrongAuthenticationRequirements value configured.

> get-MsolUser -UserPrincipalName test@contoso.com | select UserPrincipalName,DisplayName,StrongAuthenticationRequirements

UserPrincipalName DisplayName  StrongAuthenticationRequirements
----------------- -----------  --------------------------------
test@contoso.com  Test Account {}

I'm also able to run a query using Where-Object to find those that DO have the value set.

> get-MsolUser | where-object { $_.StrongAuthenticationRequirements -like "*Microsoft.Online.Administration.StrongAuthenticationRequirement*" } | select UserPrincipalName,DisplayName,StrongAuthenticationRequirements

UserPrincipalName DisplayName  StrongAuthenticationRequirements
----------------- -----------  --------------------------------
test@contoso.com  Test Account {Microsoft.Online.Administration.StrongAuthenticationRequirement}

My question is; how do I run a non-user specific query to find all instances where the StrongAuthenticationRequirement field is "{}"?

Thanks in advance!

Answer 1

Since StrongAuthenticationRequirements is a collection, an empty collection would have a Count value of 0.

Get-MsolUser -All | Where-Object { $_.StrongAuthenticationRequirements.Count -eq 0 } |
    Select UserPrincipalName,DisplayName,StrongAuthenticationRequirements