CA200 - Unclear app exclusions #23
Description
Hi there!
First of all, thank you for putting together this Conditional Access baseline! It's a fantastic resource and has been very helpful.
This is actually the first issue I've ever submitted on GitHub, so please bear with me if I get anything wrong!
I noticed that the CA200 policy (CA200-Internals-IdentityProtection-AnyApp-AnyPlatform-MFA) has two applications listed under excludeApplications:
372140e0-b3b7-4226-8ef9-d57986796201- Azure Windows VM Sign-In7ee0ff59-27fd-4fc2-b341-202786641daa- [Storage Account] sam365pyldn01.file.core.windows.net
The README describes this policy as:
"This policy requires MFA for all internal identities, for all cloud applications, from any platform."
Since this repo is intended as a reusable baseline, I was curious, were these exclusions left in intentionally for a specific reason, or might they have slipped in during the export from your tenant?
Sincerely
Matt