You Should Know:
When enforcing Azure AD Conditional Access Policies (APP) on all resources, managing passkey enrollment can be challenging. Below are some practical commands and scripts to help identify and manage client apps with APP applied:
1. List Client Apps with APP Applied:
Get-AzureADPolicyAppliedObject -Id "<PolicyId>"
This PowerShell command retrieves all objects (including client apps) that have a specific APP policy applied.
2. Extract Sign-In Logs:
Get-AzureADAuditSignInLogs -Filter "createdDateTime gt 2023-10-01" -Top 100
Use this command to extract sign-in logs, which can help identify which resources are being accessed frequently.
3. Target Office 365 Bundle:
New-AzureADConditionalAccessPolicy -DisplayName "Target Office 365" -Conditions @{Applications = @{IncludeApplications = "Office365"}} -GrantControls @{Operator = "OR"; Controls = @("RequireMFA")}
This script creates a new Conditional Access Policy targeting only the Office 365 bundle, simplifying enforcement.
4. Identify High-Risk Sign-Ins:
Get-AzureADRiskDetection -RiskEventType "unfamiliarFeatures"
This command helps identify high-risk sign-ins that may require additional scrutiny.
5. Automate APP Policy Application:
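# Retrieve every application (the default call returns only the first page of results)
$apps = Get-AzureADApplication -All $true
foreach ($app in $apps) {
    # -Id is the application's object ID, -RefObjectId is the ID of the policy to assign
    Add-AzureADApplicationPolicy -Id $app.ObjectId -RefObjectId "<PolicyId>"
}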
Automate the application of APP policies to all client apps in your tenant.
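The sign-in records from step 2 can be summarised per resource and client app to show where Conditional Access blocks or does not apply. This is an added example, not code from the original post. The function name Get-SignInResourceSummary, the sample records, and the property names the records are assumed to expose are illustrative assumptions.

```powershell
# Added example: summarise sign-in records per resource and client app.
# Assumption: each record exposes UserPrincipalName, AppDisplayName,
# ResourceDisplayName and ConditionalAccessStatus (success/failure/notApplied).
function Get-SignInResourceSummary {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]]$SignIn
    )
    begin   { $records = [System.Collections.Generic.List[object]]::new() }
    process { foreach ($s in $SignIn) { $records.Add($s) } }
    end {
        $records |
            Group-Object -Property ResourceDisplayName, AppDisplayName |
            ForEach-Object {
                $group = $_
                $first = $group.Group[0]
                [pscustomobject]@{
                    Resource     = $first.ResourceDisplayName
                    ClientApp    = $first.AppDisplayName
                    SignIns      = $group.Count
                    # Sign-ins blocked by a Conditional Access policy
                    CaFailures   = @($group.Group | Where-Object ConditionalAccessStatus -eq 'failure').Count
                    # Sign-ins that no policy evaluated (possible coverage gap)
                    CaNotApplied = @($group.Group | Where-Object ConditionalAccessStatus -eq 'notApplied').Count
                    Users        = @($group.Group.UserPrincipalName | Sort-Object -Unique).Count
                }
            } |
            Sort-Object -Property CaFailures, SignIns -Descending
    }
}

# Constructed sample records, not real tenant data.
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@contoso.example'; AppDisplayName = 'Sample Mobile Mail'; ResourceDisplayName = 'Sample Mail Service'; ConditionalAccessStatus = 'success' }
    [pscustomobject]@{ UserPrincipalName = 'bob@contoso.example';   AppDisplayName = 'Sample Mobile Mail'; ResourceDisplayName = 'Sample Mail Service'; ConditionalAccessStatus = 'success' }
    [pscustomobject]@{ UserPrincipalName = 'alice@contoso.example'; AppDisplayName = 'Sample Authenticator'; ResourceDisplayName = 'Sample Registration Service'; ConditionalAccessStatus = 'failure' }
    [pscustomobject]@{ UserPrincipalName = 'carol@contoso.example'; AppDisplayName = 'Sample Authenticator'; ResourceDisplayName = 'Sample Registration Service'; ConditionalAccessStatus = 'failure' }
    [pscustomobject]@{ UserPrincipalName = 'carol@contoso.example'; AppDisplayName = 'Sample Legacy Client'; ResourceDisplayName = 'Sample Mail Service'; ConditionalAccessStatus = 'notApplied' }
)

$sample | Get-SignInResourceSummary | Format-Table -AutoSize

# Live data from a connected session can be piped in the same way:
# Get-AzureADAuditSignInLogs -Filter "createdDateTime gt 2023-10-01" -Top 100 | Get-SignInResourceSummary
```

Rows with a high CaFailures count point to the client app and resource pairs a policy is blocking, which is the place to look when an enrollment flow stops working after a policy is scoped to all resources.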
What Undercode Say:
Managing APP enforcement and passkey enrollment in Office 365 requires a strategic approach, especially in larger organizations. By leveraging PowerShell commands and scripts, you can streamline the identification of client apps with APP applied, extract valuable sign-in logs, and automate policy enforcement. Targeting specific bundles like Office 365 can simplify the process, while monitoring high-risk sign-ins ensures robust security. Always validate your scripts in a test environment before deploying them widely.
By integrating these practices, you can effectively manage APP enforcement and enhance your organization’s security posture.
References:
Reported By: Nathanmcnulty Thinking – Hackers Feeds