Event banner

Basic Authentication and Exchange Online AMA

Event Ended

Wednesday, Oct 13, 2021, 09:00 AM PDT

In-Person

Event details

We are very excited to announce a Basic Authentication and Exchange Online AMA! An AMA is a live text-based online event similar to a “YamJam” on Yammer or an “Ask Me Anything” on Reddit. This ...

Dylan_Snodgrass

Updated Oct 13, 2021

AMA

mmattana

Brass Contributor

Oct 13, 2021

Hi AMA! Conditional Access Policies in Azure AD allows to choose "Other Clients" when blocking Legacy Auth in advance to see an expected impact, but you can't just disable IMAP and POP and leave SMTP open. Is there a way to create a CAP in advance so that we can block Basic for IMAP and POP only without impacting SMTP?

Greg Taylor - EXCHANGE
Microsoft
Oct 13, 2021
Hey Massimo, you can also use Auth Policies to do this - https://docs.microsoft.com/en-us/powershell/module/exchange/new-authenticationpolicy?view=exchange-ps You can set up a policy to block just POP and IMAP if you want to. You can also do this in Microsoft Admin Center - Org Settings, Modern Auth, the checkboxes there.
- mmattana
  Brass Contributor
  Oct 13, 2021
  Great! I think this addresses both questions 🙂 Thank you!
mmattana
Brass Contributor
Oct 13, 2021
Adding some notes here. I have a few companies (5000-10000 mailboxes each) without CA because they don't have AADP1. Any additional test to evaluate the impact in advance?
- Greg Taylor - EXCHANGE
  Microsoft
  Oct 13, 2021
  In that case I'd suggest getting into the Azure AD Sign In Logs and looking for usage. Or just setting an Auth Policy - and waiting to see what happens... 😉

Date and Time

Oct 13, 20219:00 AM - 10:00 AM PDT