Advanced Conditional Access Policies for AVD
- Added 24. 07. 2024
- Entra ID Conditional Access Policies are an excellent option for managing Multifactor Authentication, but there is more to it than MFA. This video follows a previous video on using Conditional Access policies to require MFA when accessing AVD. We expand on the concepts of the previous video by configuring the policy for different conditions, such as hybrid Entra ID joined devices and logging in from a known public IP. After that, we create a policy to block access from specific devices and logins from outside the country.
00:00 - Start
02:00 - Access From Hybrid Joined Clients
05:26 - Control Access by Public IP
09:42 - Limit Access by Device Type
12:59 - Block Access from Outside a Country
Links
Free Azure guide! Subscribe to the newsletter
subscribepage.io/rbsIjt
Zero to Hero with Azure Virtual Desktop
www.udemy.com/course/zero-to-...
Hybrid Identity with Windows AD and Azure AD
www.udemy.com/course/hybrid-i...
Windows 365 Enterprise and Intune Management
www.udemy.com/course/windows-...
More on supported web browsers
learn.microsoft.com/en-us/ent... - Science and technology
Hello Travis. Thanks for the video. I have a question. How did you add "Azure Virtual Desktop" as a Target resource (2:31)? For me it's not showing Azure Virtual Desktop sadly.
Nvm. I was able to find it through your other video (czcams.com/video/0woBO5C8aOY/video.html) :)
Yeah I also don't see this as an option. Wondering if it's been replaced with "Azure Windows VM Sign-in" which is listed.
Hi Travis, thank you for the video! I have a question, is it possible to force users only to access AVD from an RDP client, Windows app, RDP Win 10, but not a web browser? Thanks again!
It should be feasible if you simply block the access to AVD via Browser. You can see the option at 2:35 under Conditions >> Client Apps. Instead of granting the access, you can use "Block Access".
Hi, I'm not sure why my comment keeps going away, I've posted it twice...