Block service accounts exclude trusted locations.

1. Bakgrunn

Oppgave i prosjektet:
Implementere conditional access baseline (report mode)

Conditional Access baseline ved UiO - Universitetets senter for informasjons­teknologi

2. Fremgangsmåte

2.1 AzureAD-gruppe

it-uio-aad-sa-mfa-exclude

MERK: Named og eventuelle trusted locations, må både forbedres i regeln og godkjennes av IT-Sikkerhet.

2.2 Conditional Access policy

Block service accounts exclude trusted locations - Report only

  • Assignments
    • Users or workload identities
      • Included
        • it-uio-aad-sa-mfa-exclude
      • Excluded
        • UiO Emergency Global Administrator
    • Cloud apps or actions
      • All cloud apps
    • Conditions
      • Locations
        • Included
          • Any location
        • Excluded
          • test SPS trusted location
          • Test KNH Iprange
          • Multifactor authentication trusted IPs
          • Uninett logg
  • Access controls
    • Grant
      • Block access

 

 

 

 

 


 

 

 

Publisert 8. juni 2022 14:00 - Sist endret 8. juni 2022 14:00