deplicate conditional access baseline policies

Jason Benway · ‎Jul 09 2019

I want to test the End user protection CA policy but I don't want to enable it for all users yet. Is it possible to recreate that baseline but allowing me to limit what users/groups it applies to?

I like that it ties into risky signin and leaked creds, but don't see those options when I create my own policy.

thanks!

Vasil Michev · ‎Jul 09 2019

It's possible. The whole idea behind the baseline policies is to offer a pre-configured policy with relaxed license requirements. If you already have AAD/EMS licenses in your tenant you can create similar policies yourself, with better customizability. In particular, the "user risk" condition can be found under the Conditions group -> Sign-in risk.

Jason Benway · ‎Jul 15 2019

@Vasil MichevMy conditions options are only

device platform

locations

client apps

device state

I have a E5 with EMS E3. I think that includes AAD P1

Is EMS E5 or AAD P2 required to use the sign-in risk?

thanks,jb

Jason Benway · ‎Jul 15 2019

Yup, you need AAD P2/EMS E5.

Jason Benway · ‎Jul 15 2019

Yup, you need AAD P2/EMS E5.

View solution in original post

deplicate conditional access baseline policies

deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

deplicate conditional access baseline policies

deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies

Re: deplicate conditional access baseline policies