Anonymous

My feedback

  1. 237 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    42 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    Anonymous supported this idea  · 
    An error occurred while saving the comment
    Anonymous commented  · 

    It's pretty easy to build CA policies to grant with MFA at all locations, even unknown. Where this issue hurts is with countries for which we simply wish to completely block all sign-in capabilities. We can't effectively do that until this is fixed. Not that there aren't ways to beat that, too, but it's at least moderately effective. Admin, do you have an ETA on this?

  2. 45 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Azure Active Directory » Identity Protection  ·  Flag idea as inappropriate…  ·  Admin →
    started  ·  Azure AD Team responded

    Thanks for your feedback, folks. We have been working towards resolving the locations for IPv6 logins. Currently, a subset of such logins are getting resolved for location and the % will gradually go up. Are you seeing some of your IPv6 logins with resolved location?

    An error occurred while saving the comment
    Anonymous commented  · 

    This has not improved over the last month. Microsoft closed our ticket on this as resolved. What is the status?

    An error occurred while saving the comment
    Anonymous commented  · 

    Hello Rajat, We're seeing locations associated with about 4% of our IPv6 traffic. Progress! Thanks - when do you expect it to be complete?

    Anonymous supported this idea  · 
    An error occurred while saving the comment
    Anonymous commented  · 

    Indeed - I have a ticket open on this right now. It's a major issue. As we move to add everyone to more comprehensive CA policies, setting up MFA grant for certain countries as a stop-gap measure is rendered relatively ineffective by this issue. about 1/4 of all sign-in attempts for us are made via IPv6. Microsoft is making a big push to become a more security-focused company, and fixing this needs to be part of that push.

Feedback and Knowledge Base