Forum Discussion
bart_vermeersch
Sep 15, 2021 - Iron Contributor
Signins: Login status = success but Conditional access = failed?
When looking at the Sign-in logs, I see entries with Status = success while the Conditional Access = failure. Shouldn't the status say Failure as well when the conditional access is blocking t...
CSearle
Oct 31, 2022 - Copper Contributor
I believe I can explain this behavior.
The Conditional Access block action for ActiveSync is unique. It does not fail the sign-in with Azure AD; it signals Exchange to perform a quarantine on the device. The user is able to successfully configure the AS connection, but rather than get access to anything they see a single email stating that ActiveSync is not permitted. This is very similar to the 'Require approved client app' condition.
Rest assured that the user is effectively blocked from setting up a working AS account, but since the sign-in is not immediately failed like most CA policies, it is technically correct for it to show as a successful sign-in. It will also result in frequent sign-ins if the user doesn't remove the account, which may look like active usage.
I'm not sure how this will be handled when Microsoft finally blocks legacy protocols permanently, but this is the current behavior as tested in October 2022.
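A triage sketch for the behavior described in the answer above, added here as an example and not part of the original thread: it separates "success with Conditional Access failure" entries on Exchange ActiveSync from other combinations, and counts repeats per user so the recurring sign-ins are not mistaken for active usage. Field names follow the Microsoft Graph `signIn` resource; the sample records, category labels and function names are constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample records (not real log data), shaped like exported sign-in logs.
SAMPLE_SIGNINS = json.loads("""
[
 {"userPrincipalName": "alice@example.com", "clientAppUsed": "Exchange ActiveSync",
  "conditionalAccessStatus": "failure", "status": {"errorCode": 0}},
 {"userPrincipalName": "alice@example.com", "clientAppUsed": "Exchange ActiveSync",
  "conditionalAccessStatus": "failure", "status": {"errorCode": 0}},
 {"userPrincipalName": "alice@example.com", "clientAppUsed": "Exchange ActiveSync",
  "conditionalAccessStatus": "failure", "status": {"errorCode": 0}},
 {"userPrincipalName": "bob@example.com", "clientAppUsed": "Browser",
  "conditionalAccessStatus": "failure", "status": {"errorCode": 53003}},
 {"userPrincipalName": "carol@example.com", "clientAppUsed": "Browser",
  "conditionalAccessStatus": "success", "status": {"errorCode": 0}},
 {"userPrincipalName": "dave@example.com", "clientAppUsed": "Mobile Apps and Desktop clients",
  "conditionalAccessStatus": "failure", "status": {"errorCode": 0}}
]
""")

def classify(record):
    """Label one sign-in record by its status / Conditional Access combination."""
    succeeded = record.get("status", {}).get("errorCode") == 0
    ca_failed = record.get("conditionalAccessStatus") == "failure"
    if succeeded and ca_failed:
        # Per the answer above: for ActiveSync the sign-in succeeds and
        # Exchange quarantines the device, so this pairing is expected.
        if record.get("clientAppUsed") == "Exchange ActiveSync":
            return "eas_quarantine_expected"
        # Same pairing on another client: check which policy produced it.
        return "success_ca_failure_review"
    if ca_failed:
        return "blocked_at_sign_in"
    return "normal"

def summarize(records):
    """Count records per (user, label); high EAS counts are retries, not usage."""
    counts = Counter()
    for rec in records:
        counts[(rec.get("userPrincipalName"), classify(rec))] += 1
    return counts

if __name__ == "__main__":
    for (user, label), n in sorted(summarize(SAMPLE_SIGNINS).items()):
        print(f"{user:22} {label:28} {n}")
```
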