Forum Discussion
Condititional Access blocks access to AAD Management portal
hey guys, i know the basics.
But the main question is, why can i access the main azure portal itself, and CA is not blocking here, but, when i try to access the AAD management pane, CA is blocking.
I would like to know why, while both 'applications' are accessed/protected via the 'Microsoft Azure Management' cloud app, the result is not the same.
If you check the fail and succes log i attached, you can see the Application and Resource are the same.
Have you selected "All cloud apps" in the first block rule?
If so, what happens if you edit the rule to block only the cloud apps that are selectable in the list?
As is mentioned in the documents below, not all Azure services are onboarded for conditional access, so maybe there is some backend service that is required to access Azure AD, that is currently being blocked?
One would think that the service in question would show up in the sign in logs as being blocked though..
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-cloud-appsJonhed
manually selecting all cloud apps, instead of the 'all cloud apps' does work. I also noticed, it is not just the AAD management portal being blocked, also the endpoint manager portal is blocked, when i use the default option 'All cloud apps'When manual selecting the apps, this portal is also available again.
- Great, no need for testing then!
- Yeah, I agree that there's probably something backend causing this and was thinking about it in the same way, but too lazy doing just that 🙂 Will probably do some more testing when work allows for it.
