How can we improve Azure Active Directory?

← Azure Active Directory

Change tracking for Conditional Access Policies

Support some kind of change tracking or auditing in regards to changes made for Conditional Access Policies?

83 votes
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Peter Selch Dahl shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

8 comments

Attach a File
Sign in
(thinking…)
Sign in with: Microsoft
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Naveen B N commented  ·   ·  Flag as inappropriate

    This feature is really required for security governance purpose, hope fully we can find the way for achieving this.

  • David Hughes commented  ·   ·  Flag as inappropriate

    I'm trying to set-up a Conditional Access Alert for this and cannot find anything in there that would help with notification of changes etc. to CAP's.
    As part of our security we need to track what was modified, by whom, and to what effect the modification was, i.e. if someone was added / removed to / from an exclude list. If the CAP itself was altered.
    Does anyone know when we'll be able to log them?

  • Christopher Parker commented  ·   ·  Flag as inappropriate

    I'ma be honest, folks, the fact that this is still sitting on user voice "planned" after two years is deeply, deeply disturbing.

  • Minh Trieu commented  ·   ·  Flag as inappropriate

    Considering that this is a security tool, its really important that we have audit logs for this product.

  • Max commented  ·   ·  Flag as inappropriate

    +1 on this one - Audit logs for conditional access should be a priority considering the impact conditional access can have.

  • Adam Dickinson commented  ·   ·  Flag as inappropriate

    Absolutely - given CA is a security component in Azure, I would say being able to audit who changed WHAT from WHERE would be a given for being recorded.

    Yet beyond who and when, I can see no detail to prove what settings were changed which could impact the ability of CA to protect identity/data.

Azure Active Directory: Conditional Access

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice