Recent Searches

    Popular Articles

    Articles
    View all
      Topics
      View all
        Tickets
        View all
          no results

          Sorry! nothing found for

          How to use the What If tool to check Azure AD conditional access policies

          Modified on Wed, 06 Jul 2022 at 02:49 AM

          This article covers how to use the What If tool to identify any policies that might be blocking access to CoreView service accounts.


          Overview 

          Using the What If tool you can easily identify any the policy that is currently blocking the access of our service accounts (coreview.reports<randomicnumber>@<onmicrosoft domain>) or our management user (4ward365.admin@<onmicrosoft domain>). 

          You can find the What If tool on the Conditional Access - Policies page in the Azure portal. (https://portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade/Policies) 

           

          How to use the What If tool: 

          1. To start the tool, in the toolbar on top of the list of policies, click What If. 


          ShapeGraphical user interface, text, application, email Description automatically generated 


          2. In the User field type, expand the user or workload identity section, select User and select from     the list one of our accounts (i.e. coreview.reports<randomicnumber>@<onmicrosoft         domain>): 


          Graphical user interface, text, application Description automatically generated 

           

          In the IP address field enter one of the following addresses, and in the location field choose the information appropriate for your location.   

          For the Europe Data center, choose 'Ireland' and refer to the following IP addresses  

          Azure CCC (EU)         

          • 52.178.220.169 
          • 13.79.166.132 
          • 52.164.205.60 
          • 40.69.61.123 
          • 191.239.215.199 
          • 20.191.46.79


          For the USA Data center, choose 'Virginia' and refer to the following IP addresses  

          Azure CCC (US East)  

              

          • 52.225.217.154
          • 104.209.147.75 
          • 40.70.44.94 
          • 137.116.90.35 
          • 52.225.222.18 
          • 40.65.233.115  


          For the Canadian Data Center, choose 'Quebec City' and refer to the following IP addresses  

          Azure CCC (Canada East) 

          • 52.229.116.78 
          • 40.69.100.107 
          • 52.242.35.38 
          • 52.242.126.90 
          • 52.235.47.42 
          • 52.155.24.77


          For the GOV Data center, choose 'Virginia' and refer to the following IP addresses  

          Azure GCC (US East)  

          • 13.72.21.184 
          • 52.247.175.28 
          • 13.72.21.53 
          • 52.227.221.240

           

          Click on What If button and let us know what the evaluation results are. 

          Graphical user interface, text, application, email, Teams Description automatically generated 


          Refer to the following article for more details:  

          https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/what-if-tool 

           

          Was this article helpful?

          That’s Great!

          Thank you for your feedback

          Sorry! We couldn't be helpful

          Thank you for your feedback

          Let us know how can we improve this article!

          Select atleast one of the reasons

          Feedback sent

          We appreciate your effort and will try to fix the article

          Preview
          0 of 0