“What If” tool in Public Preview for #AzureAD Conditional Access Policies

February 3, 2018 Chris Spanougakis No comments exist

In case you don’t remember what is all about Azure AD Conditional Access, I suggest that you click here to take a look at the previous articles in my blog that deal with this.

Let’s talk about a new feature that was announced to be in Public Preview, the so called “What If” tool for Conditional Access. This tool will let you understand the impact of a Conditional Access Policy on a user sign-in, under conditions that you specify. Do you remember the on-premises Group Policy Modeling console? Well, it should give you similar results, meaning you can see how the policies will be applied to a user, rather than waiting for the user to tell you (and complain in some cases…).

So let’s see how it works:

Go to the Azure Portal, and select Azure AD Conditional Access, then click on What If:



Select the user you want to test and optionally select app, IP address, device platforms, client app, sign-in risk, and then click on the blue What If button:



And these are the results that you get:



Which policies WIIL NOT apply? This is helpful when you want to know the reason when a policy is not applied:



Want to learn more about the What If tool? Click here to go to the related Microsoft Docs article.



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.