Effective Conditional Access Policies for users and groups
Consider adding an option within Azure Active Directory Conditional Access that allow security administrators to with whether the companies conditional access rules are applied effectively for all users and groups.
- The solution should list all users and groups that is targeted a specific conditional access policy and also does who are not hit by the policy
- The solution should also be able to be used for troubleshooting which policies that a user is getting applied.
This request is also listed on the Intune Feedback uservoice: https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/19152421-effective-conditional-access-policies-for-users-an
Some of this is now possible using the conditional access whatIf tool. It can be used to troubleshoot which policies apply to a specific user.
The second part of the request; listing impact of a policy on all users is something we’ll consider. We’re continuing to invest in tools that help with understanding impact policies and will make sure it is easy to assess policy coverage.