Replies: 3 comments
-
|
I don't think the exclusion is the actual issue here. The MT.1012 & MT.1013 - are the Conditional Access versions of the legacy Identity Protection risk policies. According to Microsoft, you should use only the Coditional Access ones and turn off the legacy version. @Cloud-Architekt - Perhaps add a logic to skip MT.1024 if MT.1013 is Passed ? |
Beta Was this translation helpful? Give feedback.
-
|
That is a very interesting point, and I do think incorporating that logic into the tests might be more beneficial. The issue I initially raised was based on the following screenshots though. My legacy policies are not in use and yet the test(even though it should be skipped) thinks I have one user being skipped. |
Beta Was this translation helpful? Give feedback.
-
|
This is a bug in the out of the box Entra Recommendation check where it's providing a recommendation even in a disabled state. We should open it with Microsoft directly. I'll move this to a discussion since we can't immediately action it. |
Beta Was this translation helpful? Give feedback.
-
Hi,
This might be a mistake on my part, but I was hoping someone could clarify for me.
I just ran a new test from Maester 0.0.119 and I'm seeing two settings that might be the same but with different results. The duo that fails references the 1 break-glass account I have connected to the policies as the cause, which are configured correctly in accordance with the tests that have passed. Is it possible that my configuration can pass the first two but fail the other two? If not, is it possible to exclude the break-glass from the 1024 tests?
Happy to answer any questions--thanks!
Beta Was this translation helpful? Give feedback.
All reactions