MFA-enabled Microsoft 365 admin accounts will not allow you to configure Server-side via Web console. This is only possible via PowerShell. This article describes how to configure Xink rerouting for Microsoft 365 without disabling your admin account's Multi-Factor Authentication.
1. Install Exchange Online Remote PowerShell Module.
a. In the Exchange Admin Center, go to Hybrid > Setup and click the Configure button to download the Exchange Online Remote PowerShell Module for Multi-Factor Authentication.
b. In the Application Install window that opens, click Install. If you get an error, try using Microsoft Edge browser to access Office 365 tenant and click Configure.
2. Download the Xink PowerShell Script and save it to a local drive. (Ex. D:\Xink\MFA Test).
a. After downloading, make sure to right-click and go to the general tab to Unblock the script and Apply.
3. Launch the Microsoft Exchange Online PowerShell Module and run the below commands.
a. Enter your Xink Admin credentials once prompted.
$xinkCred = Get-Credential
b. Go to the folder where you saved the PowerShell script. (ex. CD D:\Xink\MFA Test) and run the below command. You will be asked to log into your Microsoft 365 portal through MFA.
.\xink-rerouting.ps1 -UseMFA -XinkCredential $xinkCred -O365LogonEmail "email@example.com" -Create
The screenshot below shows the result of the script that ran successfully.
Tick the boxes below then click Save. Please allow 1 hour for the replication to take place before sending a test email from mobile.
How to Add/Map new domains
Use -Validate switch.
.\xink-rerouting.ps1 -UseMFA -XinkCredential $xinkCred -O365LogonEmail "firstname.lastname@example.org" -Validate
How to Disable Server-side
Use -Remove switch.
.\xink-rerouting.ps1 -UseMFA -XinkCredential $xinkCred -O365LogonEmail "email@example.com" -Remove