Forum Discussion
Conditional Access Policy will not save "Validating Policy"
Tomnibus_MedOne Yes, it started working for me as well yesterday, with no intervention required.
In fact, I haven't even heard back from Microsoft Support yet, despite opening the case 6 days ago and sending a chasing email a day or two ago.
Hi itomni, snout ChrisShawLHC and possibly Brownin88,
While this is broken on the Azure side of things, there is a workaround with Graph.
1) Create the policy in Azure AD without setting Sign-In Frequency.
2) Head over to Graph and sign in with your Global Administrator account https://developer.microsoft.com/en-us/graph/graph-explorer
3) Run the following query: GET https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies
(you may need to Consent to a few things under Modify Permissions)
4) Find the Policy you just created in the Response Preview and copy the ID
5) Change the request to PATCH and add the ID to the end of the previous request:
PATCH https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies/<id> and Edit your Request body to the following:
{
"sessionControls": {
"signInFrequency": {
"value": 90,
"type": "days",
"isEnabled": true
}
}
}
6) Run the query (you may have to consent to a couple of things again)
7) Done! You will get a 204 No Content success message and the policy has now been updated
- Thanks for this. It's faster than getting all the PowerShell modules installed and doing it that way.
- This looks great! For me, with my open ticket. I don't want to change anything lest they conclude the problem doesn't exist anymore. But I hope this helps someone else.
