Hybrid Modern Authentication for Exchange Hybrid

Lim Chong Sun 531 Reputation points
2021-03-31T10:02:59.68+00:00

I am using Exchange hybrid agent and configuring modern hybrid.

I know that hybrid modern authentication is not supported.

I do know what is modern authentication but what is hybrid modern authentication?

Can users migrated to Exchange Online (EXO) use MFA conditional access policy and for me to configure block legacy authentication conditional access policy?
I know users still on on-premise Exchange (EXCH) will not have modern authentication.

Or does it mean that all users whether they are on EXO or EXCH cannot use modern authentication?

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,115 questions
Microsoft Exchange Hybrid Management
Microsoft Exchange Hybrid Management
Microsoft Exchange: Microsoft messaging and collaboration software.Hybrid Management: Organizing, handling, directing or controlling hybrid deployments.
1,835 questions
0 comments No comments
{count} votes

Accepted answer
  1. Kllin Nunes 226 Reputation points
    2021-03-31T11:36:25.1+00:00

    Hi, @Lim Chong Sun

    In this article you can check in details the Hybrid Modern Authentication.
    https://learn.microsoft.com/en-us/microsoft-365/enterprise/hybrid-modern-auth-overview?view=o365-worldwide
    You cannot block the Conditional Access to legacy authentication because the Conditional Access works only on Modern Authentication, or in this case Hybrid Modern Authentication.
    When you enable the Hybrid Modern Authentication, its for all your Exchange Organization, not to one or other user.
    After enabled, the Hybrid Modern Authentication depends on clients and protocols support to work, like Outlook 2013 and MAPI over HTTP. So, if the user have the minimum requirements to use HMA and the HMA its enabled in your environment it works, otherwise, the user still using legacy authentication regardless of whether the user uses EXO or EXCH.

    Hope this helps.

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards,

    Kllin Nunes

    0 comments No comments

0 additional answers

Sort by: Most helpful