To replicate all of the policies created by Azure AD Security Defaults, your customer’s tenant must be licensed with Azure AD Premium P2. However, the majority of the policies can be replicated with an Azure AD Premium P1 license.
Creating the Replacement Conditional Access Policies
Here are step-by-step guides on how to use Conditional Access to configure policies equivalent to those enabled by security defaults:
- Require MFA for administrators
- Require MFA for Azure management
- Block legacy authentication
- Require MFA for all users
- Require Azure AD MFA registration – Requires Azure AD Identity Protection, which is part of Azure AD Premium P2.
Note: Once you have created the custom policies, please ensure you complete the following guide to allow MSPMagic to connect to SharePoint Online: Troubleshooting Authentication Errors