Home

Azure AD Conditional Access support for blocking legacy auth is in Public Preview!

%3CLINGO-SUB%20id%3D%22lingo-sub-202381%22%20slang%3D%22en-US%22%3EAzure%20AD%20Conditional%20Access%20support%20for%20blocking%20legacy%20auth%20is%20in%20Public%20Preview!%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-202381%22%20slang%3D%22en-US%22%3E%3CP%20class%3D%22%22%3EWe're%20excited%20to%20announce%20the%20Public%20Preview%20of%20Azure%20AD%20Conditional%20Access%20support%20for%20blocking%20legacy%20authentication.%20In%20the%20past%20you%20needed%20to%20use%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-conditional-access-no-modern-authentication%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EADFS%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eto%20do%20this%2C%20but%20using%20conditional%20access%20to%20do%20this%20is%20SO%20much%20simpler%2Fbetter.%20Now%20you%20to%20can%20manage%20legacy%20authentication%20blocking%20as%20one%20part%20of%20your%20overall%20conditional%20access%20strategy%2C%20all%20from%20right%20in%20the%20Azure%20AD%20admin%20console.%20And%20for%20many%20of%20you%2C%20this%20will%20also%20give%20you%20the%20option%20to%20move%20away%20from%20ADFS%20to%20an%20cloud%20centered%20authentication%20model%20enabled%20by%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-pass-through-authentication%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Epass-through%20authentication%3C%2FA%3E.%3C%2FP%3E%0A%3CP%20class%3D%22%22%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EFirst%20things%20first%2C%20let%E2%80%99s%20define%20legacy%20authentication.%20Legacy%20authentication%20is%20a%20term%20that%20refers%20to%20authentication%20protocols%20used%20by%20apps%20like%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EOlder%20Office%20clients%20that%20do%20not%20use%20modern%20authentication%20(e.g.%2C%20Office%202010%20client)%3C%2FLI%3E%0A%3CLI%20class%3D%22%22%3EClients%20that%20use%20mail%20protocols%20such%20as%20IMAP%2FSMTP%2FPOP%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F35668i7A1C5287851B39FF%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22Slide1.PNG%22%20title%3D%22Slide1.PNG%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3ERead%20more%20about%20it%20in%20the%20%3CA%20href%3D%22https%3A%2F%2Fcloudblogs.microsoft.com%2Fenterprisemobility%2F2018%2F06%2F07%2Fazure-ad-conditional-access-support-for-blocking-legacy-auth-is-in-public-preview%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3EEnterprise%20Mobility%20%2B%20Security%20blog%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-202381%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Community Manager

We're excited to announce the Public Preview of Azure AD Conditional Access support for blocking legacy authentication. In the past you needed to use ADFS to do this, but using conditional access to do this is SO much simpler/better. Now you to can manage legacy authentication blocking as one part of your overall conditional access strategy, all from right in the Azure AD admin console. And for many of you, this will also give you the option to move away from ADFS to an cloud centered authentication model enabled by pass-through authentication.

 

First things first, let’s define legacy authentication. Legacy authentication is a term that refers to authentication protocols used by apps like:

  • Older Office clients that do not use modern authentication (e.g., Office 2010 client)
  • Clients that use mail protocols such as IMAP/SMTP/POP

Slide1.PNG

Read more about it in the Enterprise Mobility + Security blog.

Related Conversations