I had to duplicate an Azure AD Conditional Access policy today and make some changes, here’s what I did:
1 2 3 4 5 6 7 8 |
# Connect to Azure AD Connect-AzureAD # Find the source policy $srcPolicy = Get-AzureADMSConditionalAccessPolicy | ?{$_.DisplayName -eq "<name of the policy>" } # Create a new policy, leaving it disabled; copy the conditions and New-AzureADMSConditionalAccessPolicy -DisplayName "<name of new policy>" -Conditions $srcPolicy.Conditions -GrantControls $srcPolicy.GrantControls -SessionControls $srcPolicy.SessionControls -State "Disabled" |