Sep 29 2022 12:42 AM
Hello, TechCommunity forum,
Does anybody know if there is a way to get a list of users that are not covered by Conditional Access policies?
For example, I have ten policies for different groups of users. Is there a way to find users that are not part of those groups/CA policies?
Sep 29 2022 10:13 AM
Oct 02 2022 05:51 AM
Hello @VasilMichev ,
Thank you for your reply.
First of all I tried "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies/{policyid}?$select=conditions" and got conditions (because "users" are listed under "conditions").
And now I need to deep somehow into users and then into IncludeUsers. I tried different variations of $expand and $select but didn't succeed.
I see that "includeUsers" contains "All". But if I expand this facet, will it be possible to get a list of all users? For example, if I would had "Group1" instead of "All". Or should I use another API to get a list of all users in this "Group1"?
Oct 02 2022 08:47 AM