Legacy Authentication Exclusion

This guide will allow administrators to create an exemption for accounts that utilize an application that possesses outdated forms of authentication.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: Identity Security

Domain: Login Protection Management

Modifies: Legacy Authentication Exclusions

Legacy Authentication Exclusion

  1. Navigate to Conditional Access Policies – Azure Active Directory, locate and select the Security Essentials: C9 – Default Legacy Authentication Block policy.
  2. A pop up will be displayed containing all the configured settings being enforced by the policy. Locate and select the Users section followed by the Exclude header. Under the Select Excluded Users and Groups option select the hyperlink to generate the list of all current users and groups that can exempt. Do not modify any other settings listed, failure to abide could result in resources not being protected properly or a mass lockout scenario due to misconfiguration.
  3. From the list you will be able to select the desired User or Group specified by management. Use the provided text field to search for the user account or group name, select the name in the generated list below, once selected they will be displayed in the Selected section. Finalize the user or group selection by hitting Select.
  4. Once the necessary exemptions have been made and the user or group is generating in the list of Selected Excluded Users and Groups, select Save to finalize the Legacy Authentication exemption process.

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.