Forum Discussion

Brass Contributor

Apr 28, 2022

Create Conditional Access Policy

Hi Team. I have a doubt, I have assign MFA for Outlook and Teams clients? In Conditional Access policy, Conditions - Device platforms - Select Windows. In Client Apps select Mobile apps and desk...

Conditional Access

CarlosMorales

Brass Contributor

Hi.
For block legacy authentication select all options:
Outlook client, Exchange ActiveSync, Autodiscover, IMAP4, POP3, Authenticated SMTP and Exchange Online PowerShell?

Thanks

Adin_Calkic

Steel Contributor

May 01, 2022

Hi CarlosMorales ,

you can uncheck everything but I would suggest also creating a CA policy and block legacy.

If you decide to uncheck from Admin portal - see below my environment.

If you decide to do CA policy, you can Assign to test user, Cloud apps to All Cloud Apps, and Conditions under Client apps set to Yes, and check both under Legacy authentication clients. Under Grant set to Block.

Good luck. Make sure your Outlook client is the latest version to support Modern authentication. You can read about it here - Modern Authentication configuration requirements for transition - Exchange | Microsoft Docs

Adin_Calkic
Steel Contributor
May 02, 2022
Hi CarlosMorales ,

check here on how to force modern authentication for Outlook client. You can set in registry.
Modern Authentication configuration requirements for transition - Exchange | Microsoft Docs
CarlosMorales
Brass Contributor
May 02, 2022
Hi Adin_Calkic

Perform both settings: block legacy authentication and create CA policy.
Cannot working MFA in Outlook Client, the client version is 2203 Build 15028.20204

Forum Discussion

Create Conditional Access Policy

Share

Resources