User Profile

Bernard_Semplicita

Copper Contributor

Joined 9 years ago

5 Posts3 Likes

View All Badges

User Widgets

Recent Discussions

Condititional Access blocks access to AAD Management portal
Hi, I’m trying to build CA policy with a block all, unless policy. Therefore I have setup a block all rule, and with an exception of the ‘Microsoft Azure Management’ cloud application. The second rule I created is another block rule, for all users, and the cloud application ‘Microsoft Azure Management’. In this rule I have configured the exception for a security group. The third rule is the allow rule, and the requirements a user in the allowed security group must met, to access the azure portal. Now the issue. A user can access to the azure portal, but when the user tries to enter the AAD management portal, the user gets blocked by conditional access. I have attached the sign attempts. The first one is the signin to portal.azure.com, the second one, which fails, is the one trying to access AAD management portal. any ideas how to fix this?
Jan 14, 2022 Place Microsoft Entra
Access Management
Azure Active Directory (AAD)
Identity Management
7.9KViews
0likes
11Comments
Re: Condititional Access blocks access to AAD Management portal
I'm going to create a ticket with MS. Manually selecting all apps might be a workarround, but not the one i would like to use. Will post an update when i have one.
Dec 06, 2021 Place Microsoft Entra
7.3KViews
2likes
0Comments
Re: Condititional Access blocks access to AAD Management portal
Jonhed manually selecting all cloud apps, instead of the 'all cloud apps' does work. I also noticed, it is not just the AAD management portal being blocked, also the endpoint manager portal is blocked, when i use the default option 'All cloud apps' When manual selecting the apps, this portal is also available again.
Dec 06, 2021 Place Microsoft Entra
7.3KViews
1like
2Comments
Re: Condititional Access blocks access to AAD Management portal
hey guys, i know the basics. But the main question is, why can i access the main azure portal itself, and CA is not blocking here, but, when i try to access the AAD management pane, CA is blocking. I would like to know why, while both 'applications' are accessed/protected via the 'Microsoft Azure Management' cloud app, the result is not the same. If you check the fail and succes log i attached, you can see the Application and Resource are the same.
Dec 05, 2021 Place Microsoft Entra
7.4KViews
0likes
6Comments
Re: Condititional Access blocks access to AAD Management portal
What i am trying to achieve with CA is to block all access, unless an application/resource is specifically is allowed. To allow access to the azure portal if have created the described rules. But allthough 'AAD management' is part of the 'Windows Azure Service Management API' resource, it is blocked by CA. My question is why. Based on the CA rules, i should be able te access both.
Dec 05, 2021 Place Microsoft Entra
7.5KViews
0likes
2Comments

Recent Blog Articles

No content to show