These steps show how to exclude users from a Conditional Access policy.
- Head over to https://portal.azure.com/ and log in with your Admin account
- Go to the Microsoft Entra ID page
-
On the left menu, select Protection
-
Click on Conditional Access.
- Head over to Policies in the left menu
-
Select the CA policy you want to exclude a user from. For the purpose of this tutorial, we will use the conditional access policy "Require MFA for access from untrusted networks"
-
Click on Users or workload identities
-
In the Exclude tab, click on Select excluded users
-
Firstly, search the name of the users or groups that you want to exclude from the Conditional Access policy
-
Then, click to select the user or group.
-
Finish by clicking on Select
-
Save the changes and the user/group selected is now excluded from the CA policy.
-
If you want to reverse the action or remove a user from the exception -> under the "Select excluded users", you will see all the users and groups that are excluded from the CA Policy
-
Click on the three dots next to the user and click on Remove
-
The user will now be removed from the exception to the CA policy.
- Don't forget to Save you changes
If you have any further questions, please contact us at support@bemopro.com
Comments
0 comments
Please sign in to leave a comment.