Forum Discussion

Fahadgul3333's avatar
Fahadgul3333
Copper Contributor
Aug 22, 2024

We have multiple Licenses I want to Implement Conditional Access Policy

Hello Everyone,     We have multiple Licenses I want to Implement Security on all users.   I created a Group, added all Company users to this group, and assigned a P1 license to this group.   ...
best practices
business
enterprise
General
kyazaferr's avatar
kyazaferr
Steel Contributor
Nov 19, 2024
  1. License Requirements:
    • Ensure that the group-based license assignment includes Azure AD Premium P1, as Conditional Access policies require it.
  2. User Provisioning Delays:
    • There may be a short delay in policy enforcement right after a user is added to the excluded group. Test and account for this in operational procedures.
  3. Break-Glass Account:
    • Always have an account excluded from all Conditional Access policies to prevent accidental lockout.
  4. Auditing and Monitoring:
    • Use Sign-in logs in Azure AD to monitor blocked sign-ins and validate the policy's effectiveness.

Resources