Home

Microsoft Azure PowerShell conditional access

%3CLINGO-SUB%20id%3D%22lingo-sub-1019225%22%20slang%3D%22en-US%22%3EMicrosoft%20Azure%20PowerShell%20conditional%20access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1019225%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20conditional%20access%20implemented%20and%20normally%20every%20login%20is%20forced%20to%20perform%20MFA%20by%20my%20CA%20rules.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHowever%20there%20are%20some%20background%20scripts%20and%20other%20functions%20that%20MFA%20breaks%20when%20run%20that%20I%20need%20to%20exclude%20from%20CA.%26nbsp%3B%20%26nbsp%3BI%20have%20created%20a%20blanket%20exception%20rule%20in%20CA%20that%20is%20applied%20to%20the%20account%20to%20exempt%20from%20MFA%20and%20that%20works.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20I%20want%20to%20do%20now%20is%20tighten%20down%20that%20CA%20rule%20to%20IP%20and%20application.%26nbsp%3B%20The%20problem%20I%20have%20is%20when%20I%20look%20at%20the%20sign%20in%20logs%20the%20application%20listed%20is%20%22Microsoft%20Azure%20PowerShell%22%20however%20when%20I%20try%20to%20apply%20the%20CA%20rule%20to%20this%20application%20it%20is%20not%20in%20the%20list.%26nbsp%3B%20Do%20I%20need%20to%20create%20it%20or%20is%20it%20found%20as%20something%20else%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1019225%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%20%26amp%3B%20Compliance%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
lfkentwell
Contributor

I have conditional access implemented and normally every login is forced to perform MFA by my CA rules. 

 

However there are some background scripts and other functions that MFA breaks when run that I need to exclude from CA.   I have created a blanket exception rule in CA that is applied to the account to exempt from MFA and that works.

 

What I want to do now is tighten down that CA rule to IP and application.  The problem I have is when I look at the sign in logs the application listed is "Microsoft Azure PowerShell" however when I try to apply the CA rule to this application it is not in the list.  Do I need to create it or is it found as something else?

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
46 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
30 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies