User Profile
mohammadalkhateeb
Copper Contributor
Joined 4 years ago
Recent Discussions
File Shared with unauthorized domain
Hello all, I wanted to share an integration issue I've encountered with the Azure AD domain whitelist feature and Microsoft Defender for Cloud Apps, and seek your insights and solutions.

**Issue Overview:** We configured an Azure AD domain whitelist to ensure that only authorized domains have access to our shared files. However, I've noticed that some files shared with unauthorized domains are still triggering policy violations, even though the domain is whitelisted. This has led to unnecessary alerts and disruptions.

**Observed Behavior:** Despite these efforts, some files shared with unauthorized domains still trigger policy violations, causing false positives and additional workload for our team.

I'm reaching out to the community to see if anyone has encountered a similar issue or has insights into possible causes and solutions. Has anyone successfully resolved a similar situation? Are there any specific considerations or troubleshooting steps I might have missed? How can we ensure that the policy accurately identifies unauthorized domain sharing while honoring the whitelist?

Thanks
1.2K Views, 0 likes, 2 Comments

Conditional access app control issue.
Hi Microsoft Tech Community, I have a 3rd-party application connected to Azure AD for SSO purposes. I started to use Defender for Cloud Apps / CA app control to monitor all sign-in sessions, and here is what I did:

1- Created a CA policy in Azure AD that included all users and the 3rd-party app.
2- Signed out and signed in again to refresh my session.
3- In the DCA portal ---> settings --> CA app control, found the application.
4- Clicked on onboard the app with session control ---> checked off the box "use this app sessions controls", then saved.
5- Sessions started to be sent to MCAS.

Everything was good, but after I tried to sign in to the 3rd-party app with the SSO capabilities, a message appeared indicating that this application is being monitored. Then I clicked on continue, and it redirected me to the 3rd-party website, not the web app dashboard. Has anyone faced this before?

Thanks!
1.7K Views, 0 likes, 5 Comments

Re: MFA admin policy and user policy
Hello, Administrators already use PIM and all recommendations from Microsoft are followed. On top of that, all admins are required to use supported devices and trusted locations; therefore cloud admins are required to be at a trusted location to elevate the privilege, but if they come from an untrusted location they will be getting MFA prompts, and if MFA was satisfied then they will be blocked from accessing the site because of the trusted location policy.

My issue is that admins lost the MFA challenge as when they are regular users and they will never get MFA prompts. Is this issue because they were excluded from the All user policy? Should I include them in that policy or keep them excluded?
1.3K Views, 0 likes, 2 Comments

MFA admin policy and user policy
Hello there, I have a question about the MFA all user policy and the admin roles policy. I am actually not sure what is the best way to configure those policies. Should I create the all user policy with the inclusion of all users and exclusion of directory roles, and the admin policy for directory roles and exclude all users? Will users with AAD roles get MFA prompts if they did not elevate their privileges or what, while they have been excluded from the all users policy?

I tried it and tested it using two accounts, one with a directory role and the other just a regular account with no roles assigned to it. The regular account gets MFA prompts every time they sign in to O365 apps, but the user with permission (Global admin) gets nothing before elevating the privilege and after, even when I try to re-sign in. Shouldn’t I exclude the directory roles from the all users policy, and what is the best way to configure this? Thanks