Learn Conditional Access in just 25 Mins

Поделиться
HTML-код
  • Опубликовано: 20 дек 2024

Комментарии • 56

  • @mkelly01
    @mkelly01 Год назад

    Perfect timing. I was just coming to your channel looking for info on this!

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад

      Hey that’s awesome😊I hope you’ll subscribe 👍

  • @edipocdf
    @edipocdf Год назад

    tks a lot.

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад

      Hey thanks so much I appreciate that👍🤗😊

  • @TN_HondaDad
    @TN_HondaDad Год назад

    A great quick crash course, thank you!

  • @DoubleA-ARon
    @DoubleA-ARon Год назад

    Andy, as always, excellent content!

  • @markokoning6697
    @markokoning6697 7 месяцев назад

    Thanks alot Andy,
    a very informative video Thank you!

  • @soodshubham7671
    @soodshubham7671 Год назад +1

    Andy, thank you sincerely for sharing such valuable knowledge. I genuinely appreciate it. I hope that one day, I will have the opportunity to meet you in person and express my gratitude personally :)

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад +1

      Aw that is so kind, thank you so much. I really do appreciate that 😊 and 👍

  • @MichaelToub
    @MichaelToub 7 месяцев назад +1

    Great Video!

  • @RameshKotha-n1r
    @RameshKotha-n1r 5 месяцев назад

    Great explanation

  •  25 дней назад

    Correct me if i am wrong but with CA - the most restrictive takes place? Lets say there are two CAs # one states users must have MFA enabled before accessing a Entra id SSO app #
    second CA states allow all users to access a entra ID SSO app without any specific authentications -
    This means when the users access this entra id sso app they will have to use MFA due to the first CA rule being the most restrictive

  • @sreenathchandrakandham5309
    @sreenathchandrakandham5309 10 месяцев назад

    Great learning, thank you

  • @sanjai2k
    @sanjai2k 2 месяца назад

    Thanks for the wonderful session. Does Azure Virtual Desktop support MFA? Because when i tried it failed, so kindly guide on resolving it?

    • @AndyMaloneMVP
      @AndyMaloneMVP  Месяц назад

      It does but with a bit of work. Check out the Microsoft documentation on lynne.microsoft.com.

  • @alvarogomez5458
    @alvarogomez5458 8 месяцев назад

    Hello, I just found your video.. it is really interesting and helpful, it solved a lot of my questions, I was recently tasked to use conditional access to block access to onedrive on non company devices, any ideas on how to block one drive only?

    • @AndyMaloneMVP
      @AndyMaloneMVP  8 месяцев назад

      Look at the OneDrive settings in the sharepoint admin centre

  • @Abayomi-Munatech
    @Abayomi-Munatech Год назад +1

    Pls,How can I get train from you?
    Thanks

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад

      Pay me lots of money🤣😂🤗

    • @Abayomi-Munatech
      @Abayomi-Munatech Год назад

      @@AndyMaloneMVP I'm ready pls

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад

      @@Abayomi-Munatech please send me an email via my RUclips channel or LinkedIn giving me details of where your located and what training your looking for. My schedule is very busy but I can see if I can fit you in.

  • @moazzammahmood
    @moazzammahmood Год назад

    Great video very informative Thanks!!!!

  • @Best111
    @Best111 6 месяцев назад

    Great Videos! You Add a new Subscriber

  • @ManoElMacho
    @ManoElMacho Год назад

    well done mate :)

  • @patrick__007
    @patrick__007 Год назад

    You can now add some M365 admin portal in the CA. Thanks Andy!

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад +1

      You are quite correct, you always could👍

  • @moepskie
    @moepskie Год назад

    Regarding the warning about the legacy authentication clients: disable legacy authentication by default (it's a recommendation documented by Microsoft somewhere). Either set a CA policy to block it entirely, or disable it through the Admin center (or both).

  • @MBudhwant
    @MBudhwant Год назад

    Very helpful

  •  25 дней назад

    Correct me if i am wrong but with CA - Block takes precedence right? lets say i got two CAs # one CA states BLOCK all users from accessing a Entra ID SSO app # second CA states allow
    all users to access a Entra ID SSO App, this means all users will be BLOCKED from accessing that Entra ID SSO app.

  • @brandonw1604
    @brandonw1604 Год назад +5

    With IPv6 you want to make sure you allow unnamed locations. IPv6 doesn't always give a location and you can accidentally lock out your CEO from the calendar when he's trying to plan his mother's funeral.

    • @BloomerzUK
      @BloomerzUK Год назад +5

      Your comment made me laugh

    • @brandonw1604
      @brandonw1604 Год назад +1

      @@BloomerzUK it wasn't a call I wanted at 6AM on a Sunday. Lol lesson never forgotten.

    • @BloomerzUK
      @BloomerzUK Год назад +1

      @@brandonw1604 I thought you were joking.. you poor sod!

    • @brandonw1604
      @brandonw1604 Год назад

      @@BloomerzUK nope, didn't know about IPv6 and locations.

    • @marcusm5127
      @marcusm5127 9 месяцев назад

      Odly specific. Poor guy I wouln't want that call.

  • @richarddstephens
    @richarddstephens Год назад

    Love your content. Been following for a while now. Question for you on MFA/CA policies. As an admin, my phone screen went out on me, leaving me basically without a phone. Couldn't receive calls or texts which is what my MFA was configured for. What's the best way to configure myself so that if I'm ever in this situation again, I can still authenticate and access M365?

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад

      This is easy. Go into Microsoft 365 and go into the users account. There is an option to reinforce MFA. This will then force the user to repeat the MFA registration process. It’s well documented, learn.microsoft.com. Good luck

  • @AlBergstein
    @AlBergstein 9 месяцев назад

    Just a mention: User Risk and Sign In Risk require P2 licensing. Many NGOs that I handle do not get that in their licensing. Conditional access appears with P1 licensing which my NGOs apparently all have by default. (sigh)

    • @AndyMaloneMVP
      @AndyMaloneMVP  9 месяцев назад

      You’re right identity protection requires P2 conditional access P1

  • @kareemck9479
    @kareemck9479 4 месяца назад

    Thanks for the vedio.
    Could you please let me know what would be the ideal way to configure a policy if i wants to block all the countries and only allow users to login from the country where our office resides
    I know we can simply create this using named location and CA
    But what if any of my users travelling and i need to give them access to those countries as well.(only that user) i also dont want that user to get access to any other country than where she is travelling and office locations
    I tried multiple ways of creating polcies , but none seems to be fitting in.
    Some or the other flaws
    Can you please help me here

    • @AndyMaloneMVP
      @AndyMaloneMVP  4 месяца назад

      I would probably create an allow only list which blocks all other countries using location based conditional access. For documentation on this please visit learn.microsoft.com or post a question to the Microsoft tech community 😊

    • @kareemck9479
      @kareemck9479 4 месяца назад

      @@AndyMaloneMVPi beleive u probably misuderstood my question
      I will give you an example. My office resides in india. So i created a names location named office location and selected india .
      Created a policy excluding office location i.e india . Included any location . Grant acess block for all users.
      Now for eg if my CEO is travelling to UK , i want to allow him to login to all apps from india as well as UK. So if i exclude him from the main policy , he would be able to login from anywhere. But i only want him to login from uk and india.
      Secondly if i exclude him from main policy and create a new names location travel country and add UK. And create a new CA policy adding only my CEO and blocking any location excluding travel country.
      Would he be able to login only from uk or india and uk??
      Secondly everytime when user travels we have to add them to secuity group and remove later which is a lot manual work
      So what would you suggest
      You help would be much appreciated .
      Thanks again for the swift response

  • @sethb.9601
    @sethb.9601 Год назад

    I don't have that many options under protect & secure, just authenticaton methods and password reset. How do I unlock conditional access?

  • @rollover36
    @rollover36 Год назад

    Excelent vifdeo, 1.25 speed is the sweet spot for me but I appreciate the original speed

  • @patrick__007
    @patrick__007 Год назад

    Perhaps for an future update on CA with Windows Defender Cloud for Apps?

    • @AndyMaloneMVP
      @AndyMaloneMVP  Год назад

      If you take a look in my Microsoft defender and Microsoft per view playlists, there are sessions on cloud apps here that explain everything

  • @volkersahm
    @volkersahm 3 месяца назад

    well done. I want to suggest a more practical approach with examples in a real environment and with a specific set of policies that are basic best practice. not only showing the admin portal but also show a real result on a device. also a minimum security setup with a set of policies and settings would be nice as example. also we want to copy and paste a basic set of policies and settings from one tenant to another, to have best practice minimal settings for all clients. maybe one or more of those suggestions will lead to an update video on this neat features...thanks!

    • @AndyMaloneMVP
      @AndyMaloneMVP  3 месяца назад

      Absolutely, come on one of my courses and I’ll show you

  • @audiodiwhy2195
    @audiodiwhy2195 5 месяцев назад

    User interface at Entra has changed (of course). Still a good video.

  • @millicentwright9359
    @millicentwright9359 Год назад

    😞 Promo>SM