SOLVED

how to display url and conditional access policy for all site collections in a tenant.

Iron Contributor

how to display url and conditional access policy for all site collections in a tenant.

5 Replies

It's a single line of code in PowerShell:

 

Get-SPOSite | ft Url,ConditionalAccessPolicy

It is showing full access for all site collections which is not correct. I have tested individually for a site collection with the following line:

 


Get-SPOSite -Identity <site collection link> -Detailed | Fl

 

which displays AllowLimitedAccess which i have applied before  specifically for the site:

Set-SPOSite -Identity <name of site collection or OneDrive account> -ConditionalAccessPolicy AllowLimitedAccess

best response confirmed by null null (Iron Contributor)
Solution

You can just as easily add the -Detailed switch...

 

Get-SPOSite | % { Get-SPOSite -Detailed -Identity $_.URL | select Url,Conditional* }

@Vasil Michev Hello Vasil,

Do you have an idea how to convert the command to display the conditional access policy for personal onedrive for business site ?

@ivanoi99412 

I am using this script to review all OneDrives in the tenant and set their ConditionalAccessPolicy to what I want it to be (blocked for Unmanaged devices)

 

foreach($od4B in Get-SPOSite -Template "SPSPERS" -Limit All -IncludePersonalSite $True)
{
  if ($od4B.ConditionalAccessPolicy -ne 'BlockAccess')
  {

      Set-SPOSite -ConditionalAccessPolicy "BlockAccess"  -Identity $od4B.url

  }
}

 

The requirement that we had was that the client wanted to block all use of OD4B temporarily while they tested Teams and ensure that users could not store files in OD or SPO.  We used a Sensitivity Label for the SPO sites and this for the OD Sites.

1 best response

Accepted Solutions
best response confirmed by null null (Iron Contributor)
Solution

You can just as easily add the -Detailed switch...

 

Get-SPOSite | % { Get-SPOSite -Detailed -Identity $_.URL | select Url,Conditional* }

View solution in original post