Microsoft Conditional Access Step by Step!
Рет қаралды 12,231
Күн бұрын
@ramsyrama Жыл бұрын
Another extremely well simplified but yet powerful video
@sheraazaliinamdar1216 Жыл бұрын
Very informative Andy, you gained a new subscriber!
@davidcarrico3385 Жыл бұрын
Hi, could you do a video on conditional access and multi factor authentication policies for Guest/B2B users?
@patrick__007 Жыл бұрын
You almost caused me and my dog a heart attack at 10:31 😂 Good video again, thanks for this🎉
@davidcarrico3385 Жыл бұрын
Great video. Can I use PowerBI to target the sign-in logs or audit logs to look at the data from a variety of angles not easily seen in the entra UI?
@AndyMaloneMVP Жыл бұрын
Yes, absolutely, you could use either a KQL query to do the task and then render the results as you wish. You could also perform a flow with PowerAutomate.
@KJA009 Жыл бұрын
Hey, Could you use InTune device compliance policies as another way filter access, for example you have to be signing in from a complaint device to access SharePoint or OWA ? Thanks.. Great Channel... Karl
@AndyMaloneMVP Жыл бұрын
Absolutely
@KJA009 Жыл бұрын
@@AndyMaloneMVP One last follow up.. If I have Data classification & sensitivity labels could some labels be set to require only an compliant device or have some conditional access policies applied ? Thanks
@AndyMaloneMVP Жыл бұрын
@@KJA009 that’s a great suggestion actually. At present, not that I know of, but this is something that you could easily pass onto the Microsoft product group through the suggestions. And also check out Microsoft documentation and support.microsoft.com
@MS365Admin Жыл бұрын
Hi Andy, thank you for the content, very informative. A question if you could help, please - when we add a trusted location on a Conditional Access policy, how does that work when a user is using a VPN? For example, a user is overseas and uses a VPN in order to connect to a Remote Desktop back in the office (trusted location). However, we do not want the user to access content (Cloud apps) on her local machine (which is overseas). Question: As she is connected to our office VPN, will Conditional Access recognise her location as overseas (then block access) or the office (trusted) location? Hope it is clear! Thank you again!
@AndyMaloneMVP Жыл бұрын
Great question. You need to use a trusted self generated certificate. Here is a great article to get you started. learn.microsoft.com/en-us/Windows-server/remote/remote-access/how-to-aovpn-conditional-access
@mark4052 Жыл бұрын
Hi Andy, thank you for the video, very informative. During an Access Review, can users decide whether they access to a resource? Thank you so much
@AndyMaloneMVP Жыл бұрын
If they are permitted. Here’s a video that you’ll perhaps find useful kzbin.info/www/bejne/gWanqX5mhdSIZ5osi=fmWwLCBUF5YAG2C9
@davidcarrico3385 Жыл бұрын
Again, great video. Another question. When something is set to report only or monitoring mode, my understanding is it’s not enforcing yet, those modes are to give you an idea of the implications of your settings, if that is accurate, where do you then go to see those implications?
@AndyMaloneMVP Жыл бұрын
You're bang on correct :-)
@moepskie Жыл бұрын
At least 3 places where you can check this: - From the Conditional Access homepage, go to monitoring OR - Check the sign-in logs from any users, and click on the Conditional Access: Reporting tab (which is CA monitoring mode) OR - From the Conditional Access homepage, activate Azure CA Monitoring (this step requires a bit of extra pre-work but is the most detailed option, however the 2 steps above are on by default and sufficient to check for CA implications)
@moepskie Жыл бұрын
Trying to think of a reason why you would set a device filter for a CA policy :-) Could be used to harden security even more I guess? (Like require employees to use a Dell laptop or else they'll get blocked), but seems a bit overkill? Just trying to find a specific situation where this would be amazing for
@AndyMaloneMVP Жыл бұрын
Guest device access
@jimmyjose3695 Жыл бұрын
Really informative! Does Patreon have labs to get some hands-on experience?
@AndyMaloneMVP Жыл бұрын
Unfortunately, no, Patreon doesn’t provide labs. Sorry
@shoaibawan797 Жыл бұрын
Very Usefull vedios but the only thing i am missing here is The table of content. Like i want you to create a library where i can only find vedios on Intune. Another library with vedios of Azure AD and ETC.
@AndyMaloneMVP Жыл бұрын
Explore my playlists on my channel
@NagaCharo 3 ай бұрын
How to setup MFA for guest users b2b ,for experience cloud salesforce???
@AndyMaloneMVP 3 ай бұрын
Create a conditional access policy for the salesforce app and assign it to guest users. Make sure it requires MFA. You’re good to go 😊
@NagaCharo 3 ай бұрын
@@AndyMaloneMVP Thank you ..iam from 🇮🇳 India
Tiin_vn - Viettel Media
Рет қаралды 28 МЛН
Nikita Zdradovskiy
Рет қаралды 7 МЛН
T-Minus365
Рет қаралды 2,6 М.
Microsoft Events
Рет қаралды 4,7 М.
John Craddock Identity and Access Training
Рет қаралды 6 М.
IBM Technology
Рет қаралды 87 М.
Office365Concepts
Рет қаралды 26 М.
Tiin_vn - Viettel Media
Рет қаралды 28 МЛН