Microsoft Endpoint Manager Notes

Chapter 2.5 - Conditional Access

Conditional Access - Windows Devices

  • Corporate Devices
  • BYOD
  • Exchange On-Prem

Conditional Access - Windows Devices

  • Azure Active Directory Supported Apps
  • LOB Apps
  • Conditional Access Process:
    • Authenticate User and Device
    • Azure AD
    • Redirect to App Store
    • App Store/Google Play (Install Microsoft Authenticator/Company Portal)
    • Install App
    • Broker app
    • Register device in Azure AD
    • Verify identity of Outlook app
    • Request token based on Client ID
    • Policy + Approved Client IDs
    • Issue Access token
    • Access Outlook Cloud Service with AAD token
    • Outlook Cloud Service
    • Get EXO access token for user
    • Get Corporate email
    • Office 365 Email Service

Conditional Access - Microsoft 365 Modern Authentication

  • Access to resources from different devices and apps from anywhere
  • Access Control Infrastructure
  • Azure Active Directory enables you to enforce controls on access to apps

Topic Summary

  • Device Based
  • App Based