How to identify sign-ins affected by report-only mode Conditional Access policies in Entra ID?
Monitoring report-only mode Conditional Access policies are crucial for Microsoft 365 admins to avoid disruptions. By running policies in this mode, admins can see potential impacts, such as work disruptions, user blocks, or unexpected MFA challenges, without enforcing them. It ensures that the policies apply correctly to users and devices when activated.
Here are the steps to find sign-ins evaluated by report-only mode Conditional Access policies.
- Log in to the Microsoft Entra admin center.
- Navigate to .
- Select a sign-in event and move to the Report-only tab.
- Under the Report-only tab, you can view report-only mode CA policies along with their grant controls, session controls, and results. Select a report-only mode Conditional Access policy to see how it impacted the chosen sign-in.
The report displays which conditions matched, did not match, were not configured, and which access controls were satisfied or blocked. Reviewing conditions such as user, application, device, location, client app, and more helps admins to identify potential issues or misconfigurations. This comprehensive overview ensures that admins can fine-tune policies to optimize security and user experience.
The main drawback of using native methods to monitor report-only mode sign-ins is the short retention period of sign-in logs in Microsoft Entra. This period is 30 days or less, depending on the licensing. As a result, the historical data available for analysis is limited, making it difficult to track long-term trends and impacts.
Need reports beyond the short retention period? AdminDroid has you covered!
- The Sign-ins Failed by Report-only Policy Requirement report from AdminDroid simplifies the process and helps you stay on top of your security measures.
- These reports detail sign-in time, signed-in user, app, authentication requirement, applied report-only mode CA policies, device, location, and more, allowing you to pinpoint sign-in failures and fine-tune your CA policies effectively.
Handy Hint: Easily schedule reports to regularly analyze Conditional Access policies in the report-only mode without hassle. Just click the clock icon ⏰ in the top right corner to set it up.