Comments on: Using PowerShell to Manage Conditional Access (CA) Policies https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/ Practical Office 365 News, Tips, and Tutorials Sat, 08 Oct 2022 12:02:55 +0000 hourly 1 https://wordpress.org/?v=6.3.2 By: Yanyan Lasala https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-244442 Sat, 08 Oct 2022 12:02:55 +0000 https://practical365.com/?p=50701#comment-244442 Great article. Question, how can I add a member to condition policy? For example I want to add someone to included or excluded.

]]>
By: Olu Omolola https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-237669 Fri, 04 Feb 2022 10:15:37 +0000 https://practical365.com/?p=50701#comment-237669 Many thanks for your help in putting things together. Please how can I use this to extract Ipranges and output to a txt or csv file? Get-AzureADMSNamedLocationPolicy | Where {$_.DisplayName -ne ‘Chicago office’} | ft DisplayName,Id

Get-AzureADMSNamedLocationPolicy | Where {$_.DisplayName -ne ‘London office’} | ft DisplayName,Id,IpRanges but not getting the desired list of the IPs complete. Please can you help? Many thanks

]]>
By: daye https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-237380 Thu, 23 Dec 2021 01:45:49 +0000 https://practical365.com/?p=50701#comment-237380 How to convert the conditional access user/exclude user’s objectID to displayname or userprincipalname?

If I use $policyobjecitID.condition.user.excludeuser, I got all the exclude users objetID, how to convert them to azureAD displayname or Principalusername?

Thank you.

]]>
By: daye https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-237378 Wed, 22 Dec 2021 23:56:03 +0000 https://practical365.com/?p=50701#comment-237378 Thanks for the great article. Question,

If I want to list users/exclude users, I can run this:
$condtionalaccesspolicyID.condition.users
$condtionalaccesspolicyID.condition.users.excludeUsers,

I just got the ObjectID, not the displayname or UserPrincipalname, How I can convert it into displayname or userprincipal name ? Thanks.

]]>
By: Sourav https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-236971 Fri, 29 Oct 2021 20:12:30 +0000 https://practical365.com/?p=50701#comment-236971 Hi,

Great article!

Quick question –
In the summary of the policy settings you have mentioned – “Two Names Locations included, where MFA will not be enforced”.

Shouldn’t it be “….. where MFA will be enforced” instead of “will NOT be”, since you are including those 2 locations in your policy?

Thanks,
Sourav

]]>
By: Tony Redmond https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-236489 Mon, 06 Sep 2021 09:48:10 +0000 https://practical365.com/?p=50701#comment-236489 In reply to Dean Gross.

Thanks. It happens (a lot).

]]>
By: Dean Gross https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-236469 Thu, 02 Sep 2021 19:14:08 +0000 https://practical365.com/?p=50701#comment-236469 This guy copied your article https://simpleitpro.com/index.php/2021/03/30/using-powershell-to-manage-conditional-access-ca-policies/

]]>
By: Silviu https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-235665 Thu, 24 Jun 2021 06:55:27 +0000 https://practical365.com/?p=50701#comment-235665 Great stuff written here. Keep it up!

]]>
By: Tony Redmond https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-235351 Mon, 14 Jun 2021 19:15:08 +0000 https://practical365.com/?p=50701#comment-235351 In reply to Matthew Prentice.

Thanks. We’ve updated the text.

]]>
By: Matthew Prentice https://practical365.com/using-powershell-to-manage-conditional-access-ca-policies/#comment-235349 Mon, 14 Jun 2021 17:16:01 +0000 https://practical365.com/?p=50701#comment-235349 Looks like a typo early in the article.

**Note that both the AzureAG and AzureADPreview PowerShell modules contain these cmdlets.

I assume that should be “AzureAD” not “AzureAG”.

]]>