Struggling to create a PowerShell script to deploy a Conditional Access policy that blocks legacy authentication

Question  Votes: 0  Answers: 1

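This is my first post here, and I really hope someone can work through this problem with me. As you can probably see from the post title, I am trying to create a PowerShell script that will deploy a Conditional Access policy to block legacy authentication, but I can't figure it out. Can someone look at my code and tell me why it isn't working? It errors at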

$conditions.ClientAppTypes = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessClientApp
$conditions.ClientAppTypes = @(“ExchangeActiveSync”, “Other”)

Main code:

$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet

$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition
$conditions.Applications.IncludeApplications = "All"
$conditions.Applications.ExcludeApplications = @(
    ""
    ""#applications
)
$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition
$conditions.Users.IncludeUsers = "All"
$conditions.Users.ExcludeUsers = @(
    "" #Admin user ID
    "GuestsOrExternalUsers"
    )
$conditions.Users.ExcludeGroups = "" #Admin group ID
$conditions.Users.ExcludeRoles = @(
 #   "" 
  #  ""
   # )

$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessClientApp
$conditions.ClientAppTypes = @(“ExchangeActiveSync”, “Other”)



$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls
$controls._Operator = "OR"
$controls.BuiltInControls = "block"

New-AzureADMSConditionalAccessPolicy -DisplayName "Block Legacy Authentication" -State "Disabled" -Conditions $conditions -GrantControls $controls
powershell security azure-active-directory microsoft-graph-api microsoft-entra-id
1 Answer
0
votes

To create a Conditional Access policy that blocks legacy authentication, you can use the following PowerShell script:

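# Sign in with the scopes needed to read and write Conditional Access policies
Connect-MgGraph -Scopes "Policy.Read.All",
    "Policy.ReadWrite.ConditionalAccess",
    "Application.Read.All"

# Target all apps and all users, but only the legacy-authentication client types
$conditions = @{
    Applications = @{
        includeApplications = 'All'
    };
    Users = @{
        includeUsers = 'All'
    };
    ClientAppTypes = @(
        'ExchangeActiveSync',
        'Other'
    );
}

# Block access when the conditions match
$grantcontrols = @{
    BuiltInControls = @('Block');
    Operator = 'OR'
}

$name = "Block Legacy Authentication All Apps"
$state = "Disabled"

# Each continued line must end with a backtick and no trailing whitespace
New-MgIdentityConditionalAccessPolicy `
    -DisplayName $name `
    -State $state `
    -Conditions $conditions `
    -GrantControls $grantcontrols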


The Conditional Access policy was created successfully:


To enable the policy, change the line to

$state = "Enabled"
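
Added example, not part of the original question or answer: it combines the answer's Microsoft Graph approach with the admin user and group exclusions from the question, creates the policy in report-only mode so its effect can be reviewed in the sign-in logs before enforcement, and updates an existing policy of the same name instead of creating a duplicate. The two object IDs are placeholders, and the Microsoft.Graph.Identity.SignIns module is assumed to be installed.

```powershell
# Added example; assumes the Microsoft.Graph.Identity.SignIns module is installed.
Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess', 'Application.Read.All'

# Placeholders: replace with the object IDs of your own admin account and admin group.
$excludedUserId  = '<admin-user-object-id>'
$excludedGroupId = '<admin-group-object-id>'

$name = 'Block Legacy Authentication All Apps'

$params = @{
    DisplayName   = $name
    # Report-only: matching sign-ins are evaluated and logged, but nothing is blocked yet.
    State         = 'enabledForReportingButNotEnforced'
    Conditions    = @{
        Applications   = @{ IncludeApplications = @('All') }
        Users          = @{
            IncludeUsers  = @('All')
            # Keep the admin account and group outside the block, as in the question.
            ExcludeUsers  = @($excludedUserId)
            ExcludeGroups = @($excludedGroupId)
        }
        # The two client app types that cover legacy authentication.
        ClientAppTypes = @('exchangeActiveSync', 'other')
    }
    GrantControls = @{
        Operator        = 'OR'
        BuiltInControls = @('block')
    }
}

# Look for a policy with the same display name so a re-run updates it in place.
$existing = Get-MgIdentityConditionalAccessPolicy -All |
    Where-Object { $_.DisplayName -eq $name } |
    Select-Object -First 1

if ($existing) {
    Update-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $existing.Id -BodyParameter $params
    $policyId = $existing.Id
} else {
    $policyId = (New-MgIdentityConditionalAccessPolicy -BodyParameter $params).Id
}

# Read the policy back to confirm the state that was actually stored.
Get-MgIdentityConditionalAccessPolicy -ConditionalAccessPolicyId $policyId |
    Select-Object DisplayName, State, Id
```

Once the report-only results show that only the expected sign-ins would be blocked, set `State` to `'enabled'` and run the script again.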
