cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Conditional Access policy Block user registration security information from foreign locations

niklastinner
Brass Contributor

‎Jul 06 2020 05:15 AM - last edited on ‎May 24 2021 03:26 PM by

‎Jul 06 2020 05:15 AM - last edited on ‎May 24 2021 03:26 PM by

Conditional Access policy Block user registration security information from foreign locations

Hello

 

I am currently constructing a conditional access policy which should block any attempt for registration of security information (for Self-Service-Password-Reset) from a foreign region. I have an a locationlist which just excludes my country, all others are included.

When I'm now using a VPN to an other country (which should of course be affected by the list) and try to submit my security information it's not getting blocked.

 

Am I doing something wrong?

 

Thanks!

Labels:
Preview file
33 KB
Preview file
48 KB
Preview file
60 KB
1,615 Views
1 Like
1 Reply
Reply
1 Reply
best response confirmed by niklastinner (Brass Contributor)
Thijs Lecomte

‎Jul 06 2020 06:11 AM

‎Jul 06 2020 06:11 AM

Solution

Re: Conditional Access policy Block user registration security information from foreign locations

This only works with the combined security registration.
Have you enabled this?
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr...

If so, have you checked the sign-in logs and policy details??
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/troubleshoot-conditional-...
0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by niklastinner (Brass Contributor)
Thijs Lecomte

‎Jul 06 2020 06:11 AM

‎Jul 06 2020 06:11 AM

Solution

Re: Conditional Access policy Block user registration security information from foreign locations

This only works with the combined security registration.
Have you enabled this?
https://docs.microsoft.com/en-us/azure/active-directory/authentication/concept-registration-mfa-sspr...

If so, have you checked the sign-in logs and policy details??
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/troubleshoot-conditional-...

View solution in original post

0 Likes
Reply