Azure AD Identity Protection basics

Azure AD Identity protection is available with Azure AD P2 and provides risk detection and policy enforcement for sign ins and users. It can also be incorporated with Conditional Access policies to provide even more flexibility. This video shows you the basics of Azure AD Identity Protection as well as showing you an example of a login process that generates creates risk.

You can find the video here –

and more information here – What is Identity Protection?

Restricting user file downloads in SharePoint Online

There are situations with SharePoint Online where businesses wish to restrict users from downloading files. Unfortunately, this can’t be done at a document library level but I can be done at a user level provided you have licenses for Conditional Access.

Conditional Access is a features of Azure AD P1 and is included in SKUs like Microsoft 365 Business Premium. The above video takes you through the steps of configuring an appropriate Conditional Access policy in your environments to prevent downloads. The policy can be targeted at specific users and expanded to include other Microsoft 365 cloud services if desired.

PowerShell with Azure Conditional Access

Recently, I did a video demonstrating how PowerShell can be used to automate Endpoint Management:

PowerShell with Endpoint Manager

I’ve now also created a video demonstrating how to automate Azure Conditional Access using PowerShell. As before, I am only making these scripts available via the CIAOPS Paton program.

In this video you’ll see me automatically backup up both Conditional Access locations and policies, then apply best practices locations and policies, finally restore the original policies, all using scripting.

Again, these scripts are not free and part of the CIAOPS Paton program. You’ll find my free stuff at

Conditional Access with Microsoft 365

One of the easy ways to protect your environment is to implement Conditional Access which is included with all Microsoft 365 plans. Otherwise, you can add Azure AD P1 to your environment to get this functionality.

This video will take you through the basics of setting up a Conditional Access including how to block access based on location. You’ll see how to create a Named Location, a Conditional Access policy and what it looks like when it is actually applied to a user.

A direct link for the video can be found at: