Email: helpdesk@telkomuniversity.ac.id

This Portal for internal use only!

All Categories

All Categories

Search

0 Wishlist

Cart

Categories
More Categories Less Categories

iconTicket Service Desk

All Categories

All Categories

Search

0 Wishlist

Cart

Menu
Home/Microsoft/MCAS Access Policy not applying to Slack/Google Workspace

MCAS Access Policy not applying to Slack/Google Workspace

/ 2024-08-14 / Microsoft

Hello, 

 

I am testing conditional access controls for all of our corporate apps, in this case the scope is limited to MS365 apps, Slack and Google Workspace. The exact scenario I am trying to address is, when a non compliant device (managed through Intune + compliance policies) attempts to access any corporate application, I want to restrict access until the device is compliant again.

 

I have created a AD conditional access policy that will “grant access” requiring one of the selected controls to be checked off as “device to be marked as compliant”, and the Session condition is set to “Use Conditional Access App Control” with the drop down on Use Custom Policy. I have an access policy in MCAS with the following conditions: 

Device Tag != Intune Compliant
App – Manual Onboarding = M365, Google Cloud, Slack

if those conditions check off then the action is set to Block and Alert. In my testing I was able to get these controls to work only for the M365 apps, but I am still able to access and use Google and Slack on the non compliant device. Any feedback on if I am doing anything wrong, or if this is a known limitation would be great. Thanks!

​Hello,  I am testing conditional access controls for all of our corporate apps, in this case the scope is limited to MS365 apps, Slack and Google Workspace. The exact scenario I am trying to address is, when a non compliant device (managed through Intune + compliance policies) attempts to access any corporate application, I want to restrict access until the device is compliant again. I have created a AD conditional access policy that will “grant access” requiring one of the selected controls to be checked off as “device to be marked as compliant”, and the Session condition is set to “Use Conditional Access App Control” with the drop down on Use Custom Policy. I have an access policy in MCAS with the following conditions: Device Tag != Intune CompliantApp – Manual Onboarding = M365, Google Cloud, Slackif those conditions check off then the action is set to Block and Alert. In my testing I was able to get these controls to work only for the M365 apps, but I am still able to access and use Google and Slack on the non compliant device. Any feedback on if I am doing anything wrong, or if this is a known limitation would be great. Thanks!  Read More

Tags:

Related posts

From questions to discoveries: NASA’s new Earth Copilot brings Microsoft AI capabilities to democratize access to complex data
2024-11-14

From questions to discoveries: NASA’s new Earth Copilot brings Microsoft AI capabilities to democratize access to complex data

Microsoft introduces new adapted AI models for industry
2024-11-13

Microsoft introduces new adapted AI models for industry

IDC’s 2024 AI opportunity study: Top five AI trends to watch
2024-11-13

IDC’s 2024 AI opportunity study: Top five AI trends to watch

Leave a Reply

Your email address will not be published. Required fields are marked *

Adobe
Google for Education
IBM
Matlab
Microsoft
Wordpress
Visual Paradigm
Opensource

Portal Application Package Repository Telkom University, for internal use only, empower civitas academica in study and research.

Information

Contact Us

Copyright © Telkom University. All Rights Reserved. ch