Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community
SOLVED

deplicate conditional access baseline policies

Iron Contributor

I want to test the End user protection CA policy but I don't want to enable it for all users yet. Is it possible to recreate that baseline but allowing me to limit what users/groups it applies to?

I like that it ties into risky signin and leaked creds, but don't see those options when I create my own policy.

thanks!

3 Replies

It's possible. The whole idea behind the baseline policies is to offer a pre-configured policy with relaxed license requirements. If you already have AAD/EMS licenses in your tenant you can create similar policies yourself, with better customizability. In particular, the "user risk" condition can be found under the Conditions group -> Sign-in risk.

@VasilMichevMy conditions options are only 

device platform

locations

client apps

device state

 

I have a E5 with EMS E3. I think that includes AAD P1

 

Is EMS E5 or AAD P2 required to use the sign-in risk?

 

thanks,jb

best response confirmed by Jason Benway (Iron Contributor)
Solution

Yup, you need AAD P2/EMS E5.

1 best response

Accepted Solutions
best response confirmed by Jason Benway (Iron Contributor)
Solution

Yup, you need AAD P2/EMS E5.

View solution in original post