Access Policy in CAS

Question

Hola Everyone,&nbsp;I hope you are doing well.&nbsp;I am trying to set conditional access and CAS access policy to block access to Outlook Fat Client. I configure this block in CAS and nothing happens. Do I have to configure something in Azure AD in the Conditional Access policy? Or is it redundant, meaning I should only configure on one side and not the other.Note that I already have a session policy for custom policy in Azure AD set up.Let me know your thoughts. Thank you.&nbsp;&nbsp;

ethan stern · Answer

MariaYacaman&nbsp;hi there!&nbsp; Can you send what your current conditional access policy looks like?&nbsp; In Azure AD to block desktop clients there is a setting for that- have you tried this out?&nbsp;&nbsp;&nbsp;&nbsp;

javiercaro · Answer

MariaYacaman&nbsp;&nbsp;I have the same issue. I tried to configure Access policy to block Exchange Online access from non compliant devices. It works on Windows 10 native mail client but not in Outlook from Office 2016. I also included browser access to the rule and I get the same behavior.&nbsp;I appreciate if someone could&nbsp; update why Outlook does not seem to obey the policy&nbsp;I attached an image showing what I get on Windows 10 native mail client (On this client it success)&nbsp;Regards.

ethan stern · Answer

JavierCaro&nbsp;Hi Javier, what is your policy set up like?&nbsp; Can you send a screen shot of the blades?

mariayacaman · Answer

Ethan Stern&nbsp;thank you for getting back to me.So I have played with all settings. When I configure to block from Azure AD it works under Access Controls. But when I leave without any access control grants as the screenshot attached and configure it is CAS (as the other screenshot attached), it will not do the block.&nbsp;Let me know if you need any more screenshots from me to further troubleshoot.Thank you.

mariayacaman · Answer

Ethan Stern&nbsp;see other screenshot of Azure AD.

Forum Discussion

Access Policy in CAS

8 Replies

Resources