To replicate the policies created by Azure AD Security Defaults your customer’s tenant must be licensed with Azure AD Premium P2. However, the majority of policies can be replicated with an Azure AD Premium P1 license.
Creating the Replacement Conditional Access Policies #
Here are step-by-step guides on how you can use Conditional Access to configure equivalent policies to those policies enabled by security defaults:
- Require MFA for administrators
- Require MFA for Azure management
- Block legacy authentication
- Require MFA for all users
- Require Azure AD MFA registration – Requires Azure AD Identity Protection part of Azure AD Premium P2.
Note: Once you have created the custom policies, please ensure you complete the following guide to allow MSPMagic to connect to SharePoint Online: Troubleshooting Authentication Errors