Hope you all are doing good!!!
If you have missed our previous articles on Azure Identity And Access Management (IAM), please check it in following links.
- Assist in meeting GDPR and privacy regulations.
- Compliance and audit.
In details, it works in the following places as described in MS document.
- Assist in meeting privacy regulations.
Required Licence :
Azure AD Premium P1
Azure AD Premium P2
Enterprise Mobility + Security E3
Enterprise Mobility + Security E5
Required User Role :
User must have one of the following administrator accounts for the directory user want to configure
Conditional Access Administrator
Once we confirm that, we have all the above prerequisite, we can go-through the following steps, to complete our lab exercise.
- Under Conditional Access > Enforce with Conditional Access policy templates, we can see following two options,
- Custom Policy – If we want to create custom policy immediately after the term creation as a single process.
- It is possible to use both Expire consents and Duration before re-acceptance requires (days) settings together, but generally we should use one of them.
- Click Create button to complete the term creation procedure. Following figure showing the newly created term.
Step 4 – As we have selected Custom Policy in Conditional Access section of create new term window, we will get a new window to create a custom conditional policy as shown in the following figure. We have another article, in which we have described Azure AD Conditional Access Policy in details. In this conditional access, I have included only following two users for our testing as shown in the following figure.
- Click Create button to create the conditional access policy. As we can see in the following figure, our new policy has created successfully.
Let’s check the accepted user and click on the count of Accepted field. As we can see in the following figure Ganesh has accepted the term.
Same way, we can see for the Declined user. As in the following figure Manas has declined the term.
Audit Log :
As I am exploring the Azure Identity and Access Management (IAM) in a deep level. Please let me know if I missed anything important or if my understanding is not up to mark.
Keep reading, share your thoughts, experiences. Feel free to contact us to discuss more.
Thanks for reading 🙂