Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

Conditional Access Policy - breached?

Brass Contributor

Hi All,

We have created a conditional access policy to block all locations except for the UK where we are based.  This appeared to be working fine and I could see all the failures in the sign-in log from US, RU etc however I noticed a few successful sign-ins from the US using the method PHS.  I checked the IPs in whatsmyip.com and they were from the US.  The user was definitely sat at home on this day, in the UK?  How could this have occurred?  I'm not sure if this a breach or a mis-configuration?  TIA, Stuart

1 Reply
best response confirmed by VI_Migration (Silver Contributor)
Solution
OK we've figured this one out, conditional access policies are not supported with legacy authentication apps, like exchange active sync, so we need to block the legacy apps to make this policy effective.
1 best response

Accepted Solutions
best response confirmed by VI_Migration (Silver Contributor)
Solution
OK we've figured this one out, conditional access policies are not supported with legacy authentication apps, like exchange active sync, so we need to block the legacy apps to make this policy effective.

View solution in original post