Hello all,
a Microsoft Moderator send me to this forum.
(https://answers.microsoft.com/en-us/msoffice/forum/all/set-conditional-access-policy-filter-for-devices/178f7b3d-7564-46e2-867c-81655e12aec7?messageId=cb22c360-1b6c-425e-8002-413366d561ae)
hopefully someone can help me with this topic.
I currently try to set "filter for devices" via Powershell for our conditional access policy but I cant figure out how to do it.
The goal is to set the syntax in the "fliter for devices" via powershell to example: "evice.deviceId -eq "some serial number" -or device.deviceId -eq "some serial number"
First I tried to read the set values to find out how I could set them but It seems there is no class for "filter for devices".
((Get-AzureADMSConditionalAccessPolicy -PolicyId somepolicyID).Conditions)
Output:
Applications : class ConditionalAccessApplicationCondition {
IncludeApplications: System.Collections.Generic.List`1[System.String]
ExcludeApplications: System.Collections.Generic.List`1[System.String]
IncludeUserActions: System.Collections.Generic.List`1[System.String]
IncludeProtectionLevels:
}
Users : class ConditionalAccessUserCondition {
IncludeUsers: System.Collections.Generic.List`1[System.String]
ExcludeUsers: System.Collections.Generic.List`1[System.String]
IncludeGroups: System.Collections.Generic.List`1[System.String]
ExcludeGroups: System.Collections.Generic.List`1[System.String]
IncludeRoles: System.Collections.Generic.List`1[System.String]
ExcludeRoles: System.Collections.Generic.List`1[System.String]
}
Platforms : class ConditionalAccessPlatformCondition {
IncludePlatforms: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.ConditionalAccessDevicePlatforms]
ExcludePlatforms: System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.ConditionalAccessDevicePlatforms]
}
Locations :
SignInRiskLevels : {}
ClientAppTypes : {All}