Get-MgIdentityConditionalAccessPolicy Archives

Why MFA, Conditional Access, and Sensitivity Labels can Combine to Give Outlook a Problem

Posted on February 12, 2024February 7, 2024 by Tony Redmond

If conditional access policies impose MFA for all cloud apps, it gives external users a problem when they use Outlook desktop to read protected email. The issue is because Outlook can’t obtain a use license to decrypt the content because it can’t satisfy the MFA challenge. It’s an example of how two good parts of the Microsoft 365 ecosystem clash.

Exclude Breakglass Accounts from Conditional Access Policies with PowerShell

Posted on December 7, 2023December 7, 2023 by Tony Redmond

Conditional access policies control access to Entra ID connections. Policies should have exclusions for breakglass accounts, but sometimes this doesn’t happen. This article explains how to use cmdlets from the Microsoft Graph PowerShell SDK to check conditional access policies and update policies with exclusions where necessary.

To Top