Learn Conditional Access in just 25 Mins

preview_player
Показать описание
In this session I’ll take you from zero to hero in terms of Azure Active Directory’s Conditional Access. Here you’ll learn not only what it is but also what it does and how it works. In less than 30 mins I’ll not explain as to what Conditional Access is, but also how to administer and troubleshoot it. So if you’re studying for a Microsoft exam or simply want to brush up on your skills, then this is a session that you’ll not want to miss.

Timecodes

00:00 Session begins
00:53 Microsoft Co-Pilot Availability News!
02:49 Conditional Access - The Theory bit.
06:26 Conditional Access Demofest
06:41 Microsoft Azure AD Identity Protection Explained
06:40 Conditional Access Deep Dive
09:10 New IPV6 Support
10:02 Conditional Access Authentication Strengths Explained
11:32 Creating Conditional Access Policies from Scratch
15:05 Conditional Access Dynamic Filters
17:09 A word about Compliant network Locations
19:42 Enforcing Authentication Strengths
21:05 Continuous Access Evaluation
22:25 Troubleshoot Policies with the What If Tool
23:06 Troubleshoot Policies with the Sign in Logs
24:05 Exploring Conditional Access Policy Templates
24:53 Session Conclusions
Рекомендации по теме
Комментарии
Автор

Andy, thank you sincerely for sharing such valuable knowledge. I genuinely appreciate it. I hope that one day, I will have the opportunity to meet you in person and express my gratitude personally :)

soodshubham
Автор

With IPv6 you want to make sure you allow unnamed locations. IPv6 doesn't always give a location and you can accidentally lock out your CEO from the calendar when he's trying to plan his mother's funeral.

brandonw
Автор

Perfect timing. I was just coming to your channel looking for info on this!

mkelly
Автор

Thanks alot Andy,

a very informative video Thank you!

markokoning
Автор

A great quick crash course, thank you!

TN_HondaDad
Автор

well done. I want to suggest a more practical approach with examples in a real environment and with a specific set of policies that are basic best practice. not only showing the admin portal but also show a real result on a device. also a minimum security setup with a set of policies and settings would be nice as example. also we want to copy and paste a basic set of policies and settings from one tenant to another, to have best practice minimal settings for all clients. maybe one or more of those suggestions will lead to an update video on this neat features...thanks!

volkersahm
Автор

Regarding the warning about the legacy authentication clients: disable legacy authentication by default (it's a recommendation documented by Microsoft somewhere). Either set a CA policy to block it entirely, or disable it through the Admin center (or both).

moepskie
Автор

User interface at Entra has changed (of course). Still a good video.

audiodiwhy
Автор

You can now add some M365 admin portal in the CA. Thanks Andy!

patrick__
Автор

Great video very informative Thanks!!!!

moazzammahmood
Автор

Just a mention: User Risk and Sign In Risk require P2 licensing. Many NGOs that I handle do not get that in their licensing. Conditional access appears with P1 licensing which my NGOs apparently all have by default. (sigh)

AlBergstein
Автор

Great Videos! You Add a new Subscriber

Best
Автор

Hello, I just found your video.. it is really interesting and helpful, it solved a lot of my questions, I was recently tasked to use conditional access to block access to onedrive on non company devices, any ideas on how to block one drive only?

alvarogomez
Автор

Excelent vifdeo, 1.25 speed is the sweet spot for me but I appreciate the original speed

rollover
Автор

Perhaps for an future update on CA with Windows Defender Cloud for Apps?

patrick__
Автор

Love your content. Been following for a while now. Question for you on MFA/CA policies. As an admin, my phone screen went out on me, leaving me basically without a phone. Couldn't receive calls or texts which is what my MFA was configured for. What's the best way to configure myself so that if I'm ever in this situation again, I can still authenticate and access M365?

richarddstephens
Автор

Pls, How can I get train from you?
Thanks

abayomitaoheed
Автор

I don't have that many options under protect & secure, just authenticaton methods and password reset. How do I unlock conditional access?

sethb.
Автор

Thanks for the vedio.

Could you please let me know what would be the ideal way to configure a policy if i wants to block all the countries and only allow users to login from the country where our office resides
I know we can simply create this using named location and CA

But what if any of my users travelling and i need to give them access to those countries as well.(only that user) i also dont want that user to get access to any other country than where she is travelling and office locations

I tried multiple ways of creating polcies, but none seems to be fitting in.
Some or the other flaws

Can you please help me here

kareemck