![]() Under Conditions > Client apps, set Configure to Yes.Under Cloud apps or actions, select All cloud apps.If you don't exclude any account, you won't be able to create this policy. Exclude at least one account to prevent yourself from being locked out. Under Exclude, select Users and groups and choose any accounts that must maintain the ability to use legacy authentication.Under Assignments, select Users or workload identities.We recommend that organizations create a meaningful standard for the names of their policies. Browse to Azure Active Directory > Security > Conditional Access.Sign in to the Azure portal as a Conditional Access Administrator, Security Administrator, or Global Administrator.When administrators are comfortable that the policy applies as they intend, they can switch to On or stage the deployment by adding specific groups and excluding others. This policy is put in to Report-only mode to start so administrators can determine the impact they'll have on existing users. ![]() The following steps will help create a Conditional Access policy to block legacy authentication requests. Organizations can choose to deploy this policy using the steps outlined below or using the Conditional Access templates (Preview). ![]() For more information about why blocking legacy authentication is important, see the article How to: Block legacy authentication to Azure AD with Conditional Access. Due to the increased risk associated with legacy authentication protocols, Microsoft recommends that organizations block authentication requests using these protocols and require modern authentication.
0 Comments
Leave a Reply. |