“What If” tool in Public Preview for #AzureAD Conditional Access Policies

In case you don’t remember what is all about Azure AD Conditional Access, I suggest that you click here to take a look at the previous articles in my blog that deal with this.

Let’s talk about a new feature that was announced to be in Public Preview, the so called “What If” tool for Conditional Access. This tool will let you understand the impact of a Conditional Access Policy on a user sign-in, under conditions that you specify. Do you remember the on-premises Group Policy Modeling console? Well, it should give you similar results, meaning you can see how the policies will be applied to a user, rather than waiting for the user to tell you (and complain in some cases…).

 

So let’s see how it works:

Go to the Azure Portal, and select Azure AD Conditional Access, then click on What If:

1

 

Select the user you want to test and optionally select app, IP address, device platforms, client app, sign-in risk, and then click on the blue What If button:

2

 

And these are the results that you get:

3

 

Which policies WIIL NOT apply? This is helpful when you want to know the reason when a policy is not applied:

4

 

Want to learn more about the What If tool? Click here to go to the related Microsoft Docs article.

 

Enjoy!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.