cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

deplicate conditional access baseline policies

Jason Benway
Contributor

‎Jul 09 2019 06:53 AM - last edited on ‎Jul 27 2020 06:53 PM by

‎Jul 09 2019 06:53 AM - last edited on ‎Jul 27 2020 06:53 PM by

deplicate conditional access baseline policies

I want to test the End user protection CA policy but I don't want to enable it for all users yet. Is it possible to recreate that baseline but allowing me to limit what users/groups it applies to?

I like that it ties into risky signin and leaked creds, but don't see those options when I create my own policy.

thanks!

Labels:
684 Views
0 Likes
3 Replies
Reply
3 Replies
Vasil Michev

‎Jul 09 2019 09:42 AM

‎Jul 09 2019 09:42 AM

Re: deplicate conditional access baseline policies

It's possible. The whole idea behind the baseline policies is to offer a pre-configured policy with relaxed license requirements. If you already have AAD/EMS licenses in your tenant you can create similar policies yourself, with better customizability. In particular, the "user risk" condition can be found under the Conditions group -> Sign-in risk.

0 Likes
Reply
Jason Benway

‎Jul 15 2019 05:46 AM

‎Jul 15 2019 05:46 AM

Re: deplicate conditional access baseline policies

@Vasil MichevMy conditions options are only 

device platform

locations

client apps

device state

 

I have a E5 with EMS E3. I think that includes AAD P1

 

Is EMS E5 or AAD P2 required to use the sign-in risk?

 

thanks,jb

0 Likes
Reply
best response confirmed by Jason Benway (Contributor)
Vasil Michev

‎Jul 15 2019 09:40 AM

‎Jul 15 2019 09:40 AM

Solution

Re: deplicate conditional access baseline policies

Yup, you need AAD P2/EMS E5.

1 Like
Reply