Blog Post

Intune Customer Success

2 MIN READ

Support tip: Migrate your classic Conditional Access policies

Microsoft

Apr 19, 2024

Azure Active Directory (Azure AD) Graph has been deprecated since mid-2023 and is in its retirement phase to allow applications time to migrate to Microsoft Graph. As part of our ongoing efforts to p...

Updated May 14, 2024

Version 4.0

Conditional Access

Intune Company Portal

Intune_Support_Team

Microsoft

Joined October 11, 2018

View Profile

Intune Customer Success

Follow this blog board to get notified when there's new activity

Kazzan

MVP

Apr 21, 2024

Hi, can you please clarify which type of Classic Policies need to be migrated?

All or only one targeted to Intune related apps or this requires compliance like "[Office 365 Exchange Online] Device policy"?

Because Defender for Endpoint (MDE/MDATP) and other security connectors seems still rely on legacy CA policy created when connector created like "[Windows Defender ATP] Device policy" which when disabled and deleted broke the connection itself.

For example one of the oldest tenants have these policies enabled:

[Office 365 Exchange Online] Device policy
[GraphAggregatorService] Device policy
[Office 365 SharePoint Online] Device policy
[Outlook Service for OneDrive] Device policy
[Outlook Service for Exchange] Device policy
[Windows Defender ATP] Device policy