I’m just waiting for your Azure iaas series, 🤓 hope that when you create it it will be as awesome 👏 as all your videos are, as a subscriber I really like and appreciate you going into deep rather than superficially explanation (I reckon you keep making long videos explaining everything in detail) Keep the fire 🔥 coming. Cheers !
If the app is not visible in the conditional access policy under cloud apps section then what is the way to make it available. Do we need to add the app under app registeration ? Any idea about this
MFA trusted IP is a default option, click on named location and then click on configure trusted IP location, you will be redirected to a page from where you can configure trusted ip locations.
Hi sir, your videos are really helpful, interesting and informative, can you also make a video on how to use fiddler and analyze fiddler logs for authentication???
Today I found a weird thing in CA I tried to exclude the cloud app Office 365 everything was good . When I tried to exclude any other cloud app, results were not appropriate.,it was not working. Can't we exclude cloud apps in the CA policy. Requirement: All cloud apps except intune require compliant device .I tried and edited the policies multiple ways but the result is same.. however the same policy works fine for Office 365
Conditional Access MFA will be triggered as per the condtions that you have define, where as directory enabled MFA is going to impact all the authentications.
Could you please make a complete different video on all session controls as app enforced restrictions are very useful(although applicable only on sharepoint online exchange online) and would love to learn from your video. Persitent browser session and sign in frequency will also be helpful
What is your next topic? I am asking because you always mention in your video about your next agenda and people like me eagerly wait to see that. Thanks a lot again.
Hi Sir, is the Conditional access policy will work if I do use federated domain instated of Managed domain? As per my understanding if my domain is federated then I have to configure the access control policy on the ADFS relying party trust.
HI sir please answer as soon as possible i need to is this policy is at user level or at application level if on user level than how to set this for user level.
Your videos are very helpful. They way you explain is crystal clear. I have quick question, In the above example you have shown to to authorize the user in SAAS based application. Can you please let me know how to protect the in-house build application. For Ex: Web server is on promises and build the .net application which i want to protect using AAD.
Hello Rajesh, You must implement Azure AD authentication in your application. Add your application to in Azure AD, and if the users are licensed you can use this feature. Check this link to know the difference between MSAL and ADAL docs.microsoft.com/en-us/azure/active-directory/develop/msal-compare-msal-js-and-adal-js Regards, ConceptsWork
At the time of creation of this video, there were no as such announcement, but now it is there, Thanks for bringing this up. docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-baseline-protection
Neil Ruston - good article here as well. www.vansurksum.com/2020/01/12/microsoft-deprecates-conditional-access-baseline-policies-in-favor-of-security-defaults-here-is-what-you-need-to-know-and-do/
Thanks for the wonderful explanation .But i have little concern .Don't mistake me please go little slow i could not be able to follow your explanation .Its my humble request .Once again thanks for your effort .
Hi sir, your videos are really helpful, interesting and informative, can you also make a video on how to use fiddler and analyze fiddler logs for authentication???
Well done mate, you are really doing good Job and your blog deserve much more attention. Thorough and content based explanation.
Thank you so much 🙂
Well done. This give me a better idea on managing conditional access policies.
quite thorough.please keep up the good work. Finally thanks for sharing your knowledge. From sydney
What is persistent option does in session control?please explain Sir
thank you for sharing the knowledge, we tried enabling the CA for VDI but is not working. can you suggest us how to setup the same
I’m just waiting for your Azure iaas series, 🤓 hope that when you create it it will be as awesome 👏 as all your videos are, as a subscriber I really like and appreciate you going into deep rather than superficially explanation (I reckon you keep making long videos explaining everything in detail) Keep the fire 🔥 coming. Cheers !
Very soon!
What about Conditional access on Outlook client and teams desktop apps ?
Hi Can you please guide us for conditional access for Exchange 2016?
If the app is not visible in the conditional access policy under cloud apps section then what is the way to make it available. Do we need to add the app under app registeration ? Any idea about this
from where "MFA trusted IPs" are coming at 8:46?
MFA trusted IP is a default option, click on named location and then click on configure trusted IP location, you will be redirected to a page from where you can configure trusted ip locations.
When I create CA policy for O365 & WVD ... Outlook App stops working any thoughts to configure the policy better?
Hi sir, your videos are really helpful, interesting and informative, can you also make a video on how to use fiddler and analyze fiddler logs for authentication???
User can have full access to one drive in the office premise. When they access from other networks it should be web only.
Hi, can I know how I can request MFA to be happen EVERYTIME to an APP. Even we still see the message saying " .
Could you please make video on Continuous Access Evaluation?
Today I found a weird thing in CA
I tried to exclude the cloud app Office 365 everything was good .
When I tried to exclude any other cloud app, results were not appropriate.,it was not working.
Can't we exclude cloud apps in the CA policy.
Requirement:
All cloud apps except intune require compliant device .I tried and edited the policies multiple ways but the result is same.. however the same policy works fine for Office 365
Hi Sir, Could you please let me know how to set access token time in this conditional access policy?
Thanks in advance
How conditional access differs from MFA for Users which we can set from Azure AD Tenant > All users > Multi-Factor Authentication?
Conditional Access MFA will be triggered as per the condtions that you have define, where as directory enabled MFA is going to impact all the authentications.
Could you please make video analysis of MDE client analyzer logs. It would great helpful.
It will be posted very soon, thank you for being an active member.
Could you please make a complete different video on all session controls as app enforced restrictions are very useful(although applicable only on sharepoint online exchange online) and would love to learn from your video. Persitent browser session and sign in frequency will also be helpful
Yes I will
You are the best bro!
Glad it helped :-)
Hello sir, while configuring conditional access for a user not to have access to an app, Onedrive isn't on the app list, what could be the cause?
Onedrive option has been removed long back, as it has dependency on SharePoint.
How to block Skype for business for few user by using conditional access?
What is your next topic? I am asking because you always mention in your video about your next agenda and people like me eagerly wait to see that. Thanks a lot again.
Thanks for being so generous, I will start with EMS now.
@@ConceptsWork Great.. Please try to create some session on ADCS if possible :)
Hi Sir, is the Conditional access policy will work if I do use federated domain instated of Managed domain?
As per my understanding if my domain is federated then I have to configure the access control policy on the ADFS relying party trust.
ADFS access control policy is for authorization model of ADFS, where as conditional Access is feature of AzureAd.
HI sir please answer as soon as possible i need to is this policy is at user level or at application level if on user level than how to set this for user level.
Conditional Access policies are created for users, to address different conditions.
Your videos are very helpful. They way you explain is crystal clear. I have quick question, In the above example you have shown to to authorize the user in SAAS based application. Can you please let me know how to protect the in-house build application. For Ex: Web server is on promises and build the .net application which i want to protect using AAD.
Hello Rajesh,
You must implement Azure AD authentication in your application.
Add your application to in Azure AD, and if the users are licensed you can use this feature.
Check this link to know the difference between MSAL and ADAL
docs.microsoft.com/en-us/azure/active-directory/develop/msal-compare-msal-js-and-adal-js
Regards,
ConceptsWork
Baseline Policies are now deprecated.
At the time of creation of this video, there were no as such announcement, but now it is there, Thanks for bringing this up.
docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-baseline-protection
Neil Ruston - good article here as well. www.vansurksum.com/2020/01/12/microsoft-deprecates-conditional-access-baseline-policies-in-favor-of-security-defaults-here-is-what-you-need-to-know-and-do/
Thanks for the wonderful explanation .But i have little concern .Don't mistake me please go little slow i could not be able to follow your explanation .Its my humble request .Once again thanks for your effort .
Noted
@@ConceptsWork Thanks sir 👍
Hi sir, your videos are really helpful, interesting and informative, can you also make a video on how to use fiddler and analyze fiddler logs for authentication???