Jan 11 2019 04:44 AM
We want to exclude one user from impossible travel and are wanting to know the best way to do this, the recommended way so we do not go down the wrong path.
I was thinking make a group with all users, but then we would have to constantly keep updating that group, is there a rule that can be made to exclude just one person from it and enable it on the whole account?
Jan 11 2019 05:04 AM
Jan 11 2019 09:19 AM
I believe the author is referring to the Azure AD Risk events, not necessarily the CAS rules. Although the information presented should be the same, the options we have to configure those differ.
Jan 11 2019 09:22 AM
Sure! It is here if they are referring to excluding users from the Azure AD Risk Events policy -
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-user-risk-policy
Thanks for pointing this out.
Best, Chris